Peter <[EMAIL PROTECTED]> wrote: > The methods mentioned both have a "backdoor", so it is better to keep > them moderated, right? > > I wonder, why it is not possible to use the brilliant authentication > backend courier comes with. IsnÂt it possible to construct something > like: > > "if user is authenticated on this server and uses account > [EMAIL PROTECTED] let him post to the newsletter."
Not easily, since "posting to a couriermlm mailing list", from the Courier server's point of view, is being done in the "local message delivery" stage, not in the earlier "SMTP authentication and message reception" stage. As far as I know, no authentication information is passed from the "SMTP auth and msg reception" stage to the "local delivery" stage. If you want a top secure posting authorization mechanism, you could call a script of yours in the dot-courier file, and make the script use `mimegpg`[1] to verify if the message has a proper GPG/PGP signature, and only then call `couriermlm` to actually post the message. [1] http://www.courier-mta.org/mimegpg.html ------------------------------------------------------- This SF.net email is sponsored by OSDN's Audience Survey. Help shape OSDN's sites and tell us what you think. Take this five minute survey and you could win a $250 Gift Certificate. http://www.wrgsurveys.com/2003/osdntech03.php?site=8 _______________________________________________ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
