Re: [Mailman-Developers] Thoughts on processing for pre-approved messages
On 3/18/2012 3:28 AM, Stephen J. Turnbull wrote:
> ... Having both one or more Handlers and a special seems like overkill, especially since really one checks the header and the other deletes, completely different functionality. Wouldn't it be better to have a class variable Mlist.approval_headers = ["Approve", "X-Approve"] and have
>
>     for h in mlist.approval_headers:
>         if msg[h] == mlist.moderator_password:
>             return True
>     return False
>
> for the chain rule and
>
>     for h in mlist.approval_headers:
>         del msg[h]
>
> in a RemoveApprovalHeaders.py pipeline handler?
If that were all that was required, that would be fine. The problem is that we allow approval via a pseudo-header as the first non-blank body line in the first text/plain part of the message, and we have to look for it there and if found, not only remove it from that part, but also from any alternative parts in which it might appear.
It's the removal of this pseudo-header from text/html alternatives that is the hard part. See the comment thread at <https://bugs.launchpad.net/mailman/+bug/266220>.
> ... I think that more likely the problem will be that people will misspell the header, or use it in a list that doesn't support approval-by-header, or grab an incorrect password out of an old message, or whatever.
Incorrect password is not an issue because we remove it anyway. The other things *should* not be a problem because in theory the poster wouldn't use the header if it weren't required, and in that case, the post will be held since it isn't pre-approved. Of course in practice, held posts get approved even if they might leak a password and users do all sorts of things that don't make sense :(
Mark Sapiro <mark@msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan
On Mon, Mar 19, 2012 at 2:59 AM, Mark Sapiro <mark@msapiro.net> wrote:
> If that were all that was required, that would be fine. The problem is that we allow approval via a pseudo-header as the first non-blank body line in the first text/plain part of the message, and we have to look for it there and if found, not only remove it from that part, but also from any alternative parts in which it might appear.
>
> It's the removal of this pseudo-header from text/html alternatives that is the hard part. See the comment thread at <https://bugs.launchpad.net/mailman/+bug/266220>.
OK, will do.
We really need a better way of doing this. Something like requiring that all parts for which approval is requested be signed by an authorized private key, and unsigned parts be stripped. Of course that will leave most people out in the cold ....
> Incorrect password is not an issue because we remove it anyway.
That's true, assuming you do find it. The real problem is whether you're trying to find it:
> The other things *should* not be a problem because in theory the poster wouldn't use the header if it weren't required, and in that case, the post will be held since it isn't pre-approved. Of course in practice, held posts get approved even if they might leak a password and users do all sorts of things that don't make sense :(
Precisely. Most people use Mailman *because* they have no idea what makes sense. That's really the most important point about automation. It empowers people to accomplish tasks that they can't do on their own.
This requires them to trust the automation, of course, and that's often not a great idea. But "published source" helps.
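The procedure described in this thread (check the real headers, then the first non-blank line of the first text/plain part, and scrub the supplied password from every other text part whether or not it was correct), as an added sketch that is not Mailman's code. The header names come from the snippet quoted in the thread; `preapproved`, `parse`, the constructed `SAMPLE` message and the `&nbsp;` handling are assumptions. The regex scrub only catches a pseudo-header that survives as contiguous text in the HTML, which is the hard part the thread refers to.

```python
import hmac
import re
from email import message_from_string, policy

APPROVAL_HEADERS = ("Approve", "X-Approve")   # names from the sketch quoted in the thread
NAMES = "|".join(re.escape(h) for h in APPROVAL_HEADERS)
PSEUDO = re.compile(rf"^\s*(?:{NAMES})\s*:\s*(\S+)\s*$", re.I)
# Constructed sample: pseudo-header in the plain part, repeated in the HTML alternative.
SAMPLE = ('Subject: announcement\nContent-Type: multipart/alternative; boundary="b1"\n\n'
          '--b1\nContent-Type: text/plain\n\nApprove: s3cret\n\nHello list.\n'
          '--b1\nContent-Type: text/html\n\n<p>Approve:&nbsp;s3cret</p><p>Hello list.</p>\n--b1--\n')

def parse(raw):
    return message_from_string(raw, policy=policy.default)

def _rewrite(part, text):
    part.set_content(text or "\n", subtype=part.get_content_subtype())

def preapproved(msg, moderator_password):
    """Return True if a correct password was supplied; strip every supplied one either way."""
    seen = []
    for h in APPROVAL_HEADERS:                 # 1. real headers
        if msg[h] is not None:
            seen.append(str(msg[h]).strip())
            del msg[h]
    texts = [p for p in msg.walk() if p.get_content_maintype() == "text"]
    plain = next((p for p in texts if p.get_content_type() == "text/plain"), None)
    if plain is not None:                      # 2. pseudo-header: first non-blank body line
        lines = plain.get_content().splitlines(keepends=True)
        first = next((i for i, ln in enumerate(lines) if ln.strip()), None)
        m = PSEUDO.match(lines[first]) if first is not None else None
        if m:
            seen.append(m.group(1))
            del lines[first]
            _rewrite(plain, "".join(lines))
    for pw in filter(None, seen):              # 3. scrub the other text parts (HTML etc.)
        # Misses a password split by markup, e.g. <b>Approve:</b> <i>s3cret</i>.
        leak = re.compile(rf"(?:{NAMES})\s*:(?:\s|&nbsp;)*{re.escape(pw)}", re.I)
        for p in texts:
            if p is not plain and leak.search(p.get_content()):
                _rewrite(p, leak.sub("", p.get_content()))
    want = moderator_password.encode()
    return any(pw and hmac.compare_digest(pw.encode(), want) for pw in seen)
```
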
Participants (2): Mark Sapiro, Stephen J. Turnbull