Here's a little more discussion about how to link up two related lists (like a discussion list and announcements list). I still haven't really solved the problem, but this info may still be helpful to other folks trying to set up similar list-relationships... (Also, if there is some option or feature I missed that would do what I want, please tell me :-)
My objective is: "test-announce" members get only stuff sent to "test-announce" "test" members get stuff from both "test" and "test-announce" Restrict posting to "test-announce" to subscribers of either "test" or "test-announce" (this part will be hard) Restrict posting to "test" to "test" subscribers (but allow test-announce messages in too)
Unfortunately there really is no way to do what I want. Restricting posting privilege to members only really only works for that specific list and doesn't seem to be compatible with cascading lists...
A feature that might be cool for a future version of Mailman might be to allow adding to "posters" setting (ie. Addresses of members accepted for posting to this list without implicit approval requirement.) in terms of "Members of (x) other list also on this machine". For example, the test-announce list can allow unmoderated posting from its own members (member_posting_only = yes) and additionally from "test" members... where "posters" list might include something like "members(test)". That is, things that look like members(*) in the list are taken to mean "allow from subscribers of x" where x is some other list.
This could be useful for any list whose posting list is different from its actual first-tier subscriber list... for example, if you have a "test-administrators" list, you can quickly set it up so that test-administrators are allowed to send announcements to test-announce, but nobody else (and you won't have to maintain two lists).
Anyway, given the current feature list, here are the two ways I found to set up linked lists.
Option one: simple alias hack
People subscribe to either "test-announce" or "test". Messages sent to test-announce are copied (via tweaking their aliases) to both lists. Mailman interprets this as if a message was sent to "test-announce" and BCC'd to "test". ("test" must be told that "test-announce" is an alternate alias to avoid mail being held for "Implicit destination")
This option is not great, because in order for any member (of either list) to send to test-announce, BOTH lists need to be set open to all senders (member_posting_only must be off). Here's why:
From test member to test-announce:
"test" copy goes through
"test-announce" copy held for approval (unless "test-announce" is open
to all senders)
From test-announce member to test-announce:
"test-announce" copy goes through
"test" copy held for approval (unless "test" is also open to all senders)
This option is easier to set up, and is great for smaller lists where outsiders are not as likely to try to spam the list (or you don't care if the odd external message makes it through). You would need to either open posting to everyone, hold all announcements for approval, or maintain a separate list of authorized senders to the announce list.
Option two: third "umbrella" list (as suggested by Ken M, with slight changes)
People subscribe to either "test-announce" or "test". Actual incoming mail for "test-announce" is really redirected to "test-umbrella". test-umbrella has two members, test and test-announce.
This only works if member_posting_only is turned off, and "test-umbrella-admin" is added as an authorized poster to both lists. Since the umbrella lists doesn't have any real people as members, turning on member_posting_only doesn't help... you still need to either open posting to everyone, hold all announcements for approval, or maintain a separate list of authorized senders to the announce list.
The advantage of option two is that you can leave the "discussion" list as restricted to its members. This would be better for a high-volume list that is unmoderated but doesn't take messages from non-members, except the occasional announcement (which you approve as they come or limit to a select few announcement-authorized people). In this model, members of the announce-only list don't have authority to send either announcements or discussion, unless you open the umbrella list to the entire world.
I would like to set up a couple lists to have archives, but only for the administrator to view. That is, I want the public "listinfo" pages NOT to have a link to the archives, and the "private" script not to let people in... but I'll set up another path to them within apache using an ".htaccess" protected directory.
The easiest way I can think of to do this is to disable the "private" script (or rename it) but keep archiving on... but this would affect all my lists, and I really only want "admin-private" archives on one or two lists.
Another way which would probably be more complicated is to turn off Archives (in the Mailman interface) but adjust the aliases so copies of the messages are sent to the arch program... this would be a little more awkward because it also archives rejected messages, and I am not confident enough with the new software to make this work quite yet.
Anyway, I will eventually figure out how to do this, but I wanted to ask in case someone has already done this before, or in case there is some feature or switch I am missing. (There is an option for making the "subscriber list" admin-private, but not for making archives admin-private). If anyone else is interested in the result, let me know and I'll copy you on anything I find out...
Thanks gregc
Greg Connor wrote:
I would like to set up a couple lists to have archives, but only for the administrator to view. That is, I want the public "listinfo" pages NOT to have a link to the archives, and the "private" script not to let people in... but I'll set up another path to them within apache using an ".htaccess" protected directory.
I would recommend modifying the Apache config itself. Specifically, doing something like:
<Location /mailman/private/the-archive> AuthName "admin-private archives" AuthType Basic AuthUserFile whatever Require user adminuser </Location>
Note that you are protecting a Location rather than a directory. This is why a .htaccess file isn't possible. I forget what the actual URL is for private archives, but this should give you the right idea.
Please let me know if this really does work. I'm just hypothesizing :-)
Cheers, -g
-- Greg Stein, http://www.lyra.org/
At 03:19 PM 3/28/99 -0800, Greg Stein wrote:
I would recommend modifying the Apache config itself. Specifically, doing something like:
<Location /mailman/private/the-archive> AuthName "admin-private archives" </Location>
Note that you are protecting a Location rather than a directory. This is why a .htaccess file isn't possible...
Here is what I ended up doing to make the archives readable by admins (I already had an .htaccess setup from the listproc archives). Basically, I took a hint from the way the public archives were set up, and made another directory "/home/mailman/archives/admin/" - the idea is that when I want to make archives accessible to admins, I just symlink them from private to admin...
[root@poly ~mailman/archives]# find /home/mailman/archives/admin/ -ls 255013 1 drwxrwxr-x 2 mailman mailman 1024 Mar 28 16:04 /home/mailman/archives/admin/ 255015 1 -rw-r--r-- 1 root root 152 Mar 28 16:00 /home/mailman/archives/admin/.htaccess 255020 1 lrwxrwxrwx 1 http mailman 15 Mar 28 16:04 /home/mailman/archives/admin/test -> ../private/test 255035 1 lrwxrwxrwx 1 http mailman 20 Mar 28 16:04 /home/mailman/archives/admin/test.mbox -> ../private/test.mbox
Then I told apache to look there for the URL http://.../admin-archives/ with srm.conf: Alias /admin-archives/ /home/mailman/archives/admin/
Auth was set up like you would expect for .htaccess (once you set AllowOverrides AuthInfo - doh! You also need Options FollowSymlinks or Options SymLinksIfOwnerMatch for the above directory)
In other words, I'm setting up apache with an alternate route to the archives other than through "private"...
However your suggestion is a great one for how to shutdown the "private" script for certain archives and leave them open for others. One side effect of that would be that if I protect the "private" script with a "location" section, the admin would have to type the htaccess name and passwd, THEN type their list-subscription name and passwd in the form that follows... In the short term I think I will probably just disable the cgi-bin/private script entirely.
My big problem NOW is how to munge the list pages so that there isn't a link to "Click here for the archives!" (since the archives will be for the admin's use only, no sense advertising their existence). But, I want to disable this without turning off archiving entirely. I think for now it would work to just edit the templates so that there is no mention of the archives (and if some list admins want archives to be public, they can publish the URL elsewhere).
Thanks for your help... (I will let you know if I come up with anything slicker, in case you're interested :) gregc
Greg Connor wrote:
... Here is what I ended up doing to make the archives readable by admins (I already had an .htaccess setup from the listproc archives). Basically, I took a hint from the way the public archives were set up, and made another directory "/home/mailman/archives/admin/" - the idea is that when I want to make archives accessible to admins, I just symlink them from private to admin...
Ah. Interesting approach. That should work well.
... Auth was set up like you would expect for .htaccess (once you set AllowOverrides AuthInfo - doh! You also need Options FollowSymlinks or Options SymLinksIfOwnerMatch for the above directory)
Note that .htaccess is much slower than configuring via httpd.conf. If you have permissions to edit httpd.conf, then you should always use that approach (IMO).
In other words, I'm setting up apache with an alternate route to the archives other than through "private"...
However your suggestion is a great one for how to shutdown the "private" script for certain archives and leave them open for others. One side effect of that would be that if I protect the "private" script with a "location" section, the admin would have to type the htaccess name and passwd, THEN type their list-subscription name and passwd in the form that follows... In the short term I think I will probably just disable the cgi-bin/private script entirely.
Ah. Didn't think about that :-)
But yes... my approach does allow discrimination on a per-list basis. Your approach requires shutting down the private area (which you did).
My big problem NOW is how to munge the list pages so that there isn't a link to "Click here for the archives!" (since the archives will be for the
Easy. In the admin screen, go to the "Edit HTML" section and pull up the listinfo page template. There is a tag that says something like <MM-Archive>. Just remove it.
Cheers, -g
-- Greg Stein, http://www.lyra.org/
participants (2)
-
Greg Connor -
Greg Stein