From: "Jason R. Mastaler" <[EMAIL PROTECTED]> Have you seen TMDA FAQ 4.8?
Hmm, not sure how I missed that, I did look around. Anyways, here is what I came up with:
1) I created .qmail-list-default in the virtual directory, and removed the tmda processing from that file so that it's only content filtered, then allowed [EMAIL PROTECTED] addresses through mailfront. This way the user can subscribe to a list with [EMAIL PROTECTED] and the traffic will get through without challenge no matter what they're using as a sender address.
2) I changed the outgoing filter by adding a line like this:
to-file /filepath/mailing_lists bare
The mailing list file uses lines with explicit declarations like this:
[EMAIL PROTECTED] [EMAIL PROTECTED]
[EMAIL PROTECTED] [EMAIL PROTECTED]
[EMAIL PROTECTED] [EMAIL PROTECTED]
[EMAIL PROTECTED] [EMAIL PROTECTED]
This way it won't matter what kind of verification they're doing, you'll be posting with what looks like a normal account. List traffic should essentially sail through, but because you're not using the -list- tag in your from or reply-to direct responses will still get challenged if they're spammy so you shouldn't have to worry about harvesting. If someone ever guesses your list address you can just block and change. Does anyone see any holes with this strategy?
Only one problem, I need to find a way for the users to be able to control their mailing_list entries without shell or web access. (imap/smtp only) I thought about maybe some sort of special address that delivers to a program, but I'm little concerned about the security implications of that.
If anyone has a better idea of how to do this, please speak up.
Chris Berry [EMAIL PROTECTED] Systems Administrator JM Associates & Coast Business Service
"Some days you fix the multi-million dollar machine, other days the $12 stapler kicks your ass."
_________________________________________________________________
Rethink your business approach for the new year with the helpful tips here. http://special.msn.com/bcentral/prep04.armx
_____________________________________________ tmda-users mailing list ([EMAIL PROTECTED]) http://tmda.net/lists/listinfo/tmda-users
