On 5/26/21 12:30 PM, Ivan Tejeiro Izquierdo wrote: > Hi: > > Can you change the header "Approved: password" for the approval of moderated > messages, and change it to another word? > > For example, approve moderated messages with the word "OK" and without having > to specify a password.
You need to specify a password to prevent an unauthorized person from approving the post. In particular, the poster's notification that the message is held contains the confirmation token so if the value of the Approved: header is well known, the poster can approve her own post. You could apply this patch ``` > === modified file 'Mailman/MailList.py' > --- Mailman/MailList.py 2020-05-18 17:01:51 +0000 > +++ Mailman/MailList.py 2021-05-27 18:00:25 +0000 > @@ -1454,6 +1454,7 @@ > # Does it match the list password? Note that we purposefully > # do not allow the site password here. > if self.Authenticate([mm_cfg.AuthListAdmin, > + mm_cfg.AuthListPoster, > mm_cfg.AuthListModerator], > approved) <> mm_cfg.UnAuthorized: > action = mm_cfg.APPROVE ``` to allow the list poster password to be used and then set that password to `OK`. -- Mark Sapiro <m...@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan ------------------------------------------------------ Mailman-Users mailing list -- mailman-users@python.org To unsubscribe send an email to mailman-users-le...@python.org https://mail.python.org/mailman3/lists/mailman-users.python.org/ Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/ https://mail.python.org/archives/list/mailman-users@python.org/
