On Thu, 14 Jun 2001, Jeremy Sharp wrote:
> Can I ensure that my list:
> - will not pass unauthorised posts for moderation, but
just rejects them
Jeremy,
Ralf Laue has come up with a way to do this under very
specific circumstances. If you can configure your Mailman
installation the way he outlines it will work, but it isn't
a simple thing to do. Below is an email he sent to me
describing the process. I hope you find it useful.
-Ben
------- Original Copy -------
Hello,
Some weeks ago, you have posted a useful document about how
to setup
announce only mailman lists to the Mailman-Developers list.
If you should write something like a HOWTO about this topic,
you should
consider one additional point:
You describe how to configure a list to allow only certain
addresses
to post. However, these "sender" addresses can be faked very
easily.
If you really have to avoid unauthorized posting, I suggest
another way:
1) Mailman and your mail server run on two different
machines.
2) A firewall does not allow SMTP connections to the Mailman
machine
from
the outside. SMTP is only possible to the mail server.
3) We must allow administrative requests to be sent to the
Mailman
machine
from the outside. To do this:
- point the MX entry for mailman.you.com from your external
DNS to the
mailserver
- Set up an internal DNS that cannot be accessed from the
outside and
define a host entry (and MX) for realmailman.you.com,
pointing to the
Mailman server.
- Create some forwardings on the mail server:
[EMAIL PROTECTED] will be forwarded to
[EMAIL PROTECTED]
[EMAIL PROTECTED] will be forwarded to
[EMAIL PROTECTED]
(sendmail users could use virtusertable)
Be sure that mail to
[EMAIL PROTECTED] will NOT be forwarded to
[EMAIL PROTECTED]!
Note that your mail server as an internal server has access
to the
internal
DNS server. For this reason it can send mail to
realmailman.you.com. A
user from the
outside has not, so that realmailman.you.com is not visible
from the
outside.
This is a much stronger solution, because nobody with a
faked sender
address can
send mail to the Mailman server. However, it is still not
safe enough if
you have to
be afraid of internal users sending unauthorized e-mail to
the list.
Best Wishes,
Ralf Laue
j)fju,z»&j)eŠËLj)fju,z»)ÊØhžŠà†ÛiÿùšŠZr¶'¢¸?™¨¥™©ÿ–+-Šwèþf¢–f§ºÇ«��������������������������������������������
- [Mailman-Users] Announcement only Jeremy Sharp
- Re: [Mailman-Users] Announcement only Roger B.A. Klorese
- Re: [Mailman-Users] Announcement only Ben Burnett
- Re: [Mailman-Users] Announcement only Ben Burnett
