Disable member configuration options
![](https://secure.gravatar.com/avatar/1f59702e4a3d1f7933b985c3564f768f.jpg?s=120&d=mm&r=g)
Hi to all, Is there a way to disable users-members from changing some or all of their configuration options?
I think this is very important because some of these options should in some cases be available only to administrators.
In my case I want to have a public list in terms on who can post to the list but I want the list to be private in terms of who can access the archives and to whom messages can be forwarded to. About the private archives there is an option and can be configured only by the admin. But for me I want posts to be forwarded only to people that are members of the list and belong to my domain and not to the members that do not belong to my domain.
This way my mail server wont forward spam to other domains (via the list) and people outside my domain will still be able to read the list's posts.
This could be solved if the option to Enable mail delivery was not available in user's configuration page, or if the user could be dissalowed to change his options somehow.
Thank you
Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
![](https://secure.gravatar.com/avatar/39636a12ae5031866c8db17a81dfb330.jpg?s=120&d=mm&r=g)
As far as the public list for posting with private for receiving and viewing archives you could create a mail address on your website (or use the default <list-owner@yourdom.ain>) and forward all mail to the list
open the admin web page Click privacy options Click Senders filters Go to: List of non-member addresses whose postings should be automatically accepted. Enter the email address that forwards to the list Click submit changes.
Hope that helps!
John Papapanos wrote:
![](https://secure.gravatar.com/avatar/746f7519ba02fb0d815e59f305c53fa2.jpg?s=120&d=mm&r=g)
John Papapanos wrote:
Is there a way to disable users-members from changing some or all of their configuration options?
Only by changing the code in Mailman/Cgi/options.py and Mailman/Commands/cmd_set.py.
Perhaps this is the case in some highly unusual situations, but in general it is appropriate for users to have control of their own options.
So set Privacy options...->Sender filters->generic_nonmember_action to Accept so anyone can post and set Privacy options...->Subscription rules->ban_list to a regex that matches all addresses not in your domain. E.g.,
^.*@(?!example\.com)$
or if you want to allow sub-domains within your domain
^.*@(.*\.)?(?!example\.com)$
See <http://docs.python.org/lib/re-syntax.html>.
If you do the above, anyone can post to the list, member or not, but only people with addresses in your domain can join the list and visit archives and receive posts.
-- Mark Sapiro <msapiro@value.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
![](https://secure.gravatar.com/avatar/1f59702e4a3d1f7933b985c3564f768f.jpg?s=120&d=mm&r=g)
Hi to all again and thanks for your postings. I think I found a way round my problem with mailman-2.1.9
I thougth it would be nice to share by solution with any one else wanting to use mailman in a confiuration similar to mine. Although as stated before mailman is not designed to serve as a spam blocker for the lists on your domain I think it can somehow do this. This is the problem I wanted to solve and the solution I came up with:
The Problem.
At my domain (mydomain.com), I had several mailing lists implemented by the emebeded mechanism of the mail server program (/etc/aliases). A list called mylist (mylist@mydomain.com) had several mail acounts where some of them where outside mydomain.
mylist: user1@mydomain.com user2@mydomain.com outuser1@otherdomain1.com outuser2@otherdomain2.com
When mails were sent to the list my mail server forwarded the messages to all the above members. Considere now this scenario: A spammer sends a spam mail to the list. The spam is not blocked by my spam filter program and is forwarded to the above members. In this case although my mail server is not an open relay the a spammer was able to send spam from my mail server to other domains. The receiving otherdomain mail servers when they catch the spam mail may ilform me that I send spam or in an extreme case they could also record my mail server in an RBL and block future messages originating from my domain.
The Requirements
To avoid a situation like the above I want to host a mailing list where:
- Anyone (member or not) can post to the list
- Only list members can read the list's postings
- List members can be from both mydomain and otherdomain.
- Messages are only forwarded to the mail-clients of only the list members that belong to mydomain.
5.But the how members of otherdomain will be able to read the postings in the list?
The Solution
Use mailman. Create web based mailing lists where all of the above requirements are met and where otherdomain list members can read the postings via the web archive.
How-To
- Create the list mylist@mydomain.com
- Subscribe the users (req. 3)
- Make the list archives private (req. 2)
- Set the "Privacy Options"->"Sender Filters"-> generic_nonmember_action=Accept (req. 1)
- Enable the "membership management" -> "nomail" option for all the otherdomain users.
That should do it. But as mailman is so configurable for users otherdomain users can change the nomail option from either the web or the e-mail interface.
Don't allow users to change their nomail option from
the web interface: As list admin go to "Edit the public HTML pages and text files"->"User specific options page" find the html code that refers to mail delivery options and delete it. Now when the user visits his conf. wont be able to change the nomail option.
But the user can also change this option via the
email interface, so disable the e-mail interface for this list.
Configure the auto-responder for the mylist-request address: Set "Auto-responder"->autorespond_postings="yes" Set "Auto-responder"->autorespond_requests="Yes,w/discard"
and add an appropriate text to the auto-response message.
Thats it.
Sorry for the long message but I think this could be usefull to some people and it adds extra value to mailman as a more appropriate tool to host mailing lists than embeded mail-server mechanisms.
Any suggestions, opinions arguments for the above are welcome.
Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
![](https://secure.gravatar.com/avatar/39636a12ae5031866c8db17a81dfb330.jpg?s=120&d=mm&r=g)
As far as the public list for posting with private for receiving and viewing archives you could create a mail address on your website (or use the default <list-owner@yourdom.ain>) and forward all mail to the list
open the admin web page Click privacy options Click Senders filters Go to: List of non-member addresses whose postings should be automatically accepted. Enter the email address that forwards to the list Click submit changes.
Hope that helps!
John Papapanos wrote:
![](https://secure.gravatar.com/avatar/746f7519ba02fb0d815e59f305c53fa2.jpg?s=120&d=mm&r=g)
John Papapanos wrote:
Is there a way to disable users-members from changing some or all of their configuration options?
Only by changing the code in Mailman/Cgi/options.py and Mailman/Commands/cmd_set.py.
Perhaps this is the case in some highly unusual situations, but in general it is appropriate for users to have control of their own options.
So set Privacy options...->Sender filters->generic_nonmember_action to Accept so anyone can post and set Privacy options...->Subscription rules->ban_list to a regex that matches all addresses not in your domain. E.g.,
^.*@(?!example\.com)$
or if you want to allow sub-domains within your domain
^.*@(.*\.)?(?!example\.com)$
See <http://docs.python.org/lib/re-syntax.html>.
If you do the above, anyone can post to the list, member or not, but only people with addresses in your domain can join the list and visit archives and receive posts.
-- Mark Sapiro <msapiro@value.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
![](https://secure.gravatar.com/avatar/1f59702e4a3d1f7933b985c3564f768f.jpg?s=120&d=mm&r=g)
Hi to all again and thanks for your postings. I think I found a way round my problem with mailman-2.1.9
I thougth it would be nice to share by solution with any one else wanting to use mailman in a confiuration similar to mine. Although as stated before mailman is not designed to serve as a spam blocker for the lists on your domain I think it can somehow do this. This is the problem I wanted to solve and the solution I came up with:
The Problem.
At my domain (mydomain.com), I had several mailing lists implemented by the emebeded mechanism of the mail server program (/etc/aliases). A list called mylist (mylist@mydomain.com) had several mail acounts where some of them where outside mydomain.
mylist: user1@mydomain.com user2@mydomain.com outuser1@otherdomain1.com outuser2@otherdomain2.com
When mails were sent to the list my mail server forwarded the messages to all the above members. Considere now this scenario: A spammer sends a spam mail to the list. The spam is not blocked by my spam filter program and is forwarded to the above members. In this case although my mail server is not an open relay the a spammer was able to send spam from my mail server to other domains. The receiving otherdomain mail servers when they catch the spam mail may ilform me that I send spam or in an extreme case they could also record my mail server in an RBL and block future messages originating from my domain.
The Requirements
To avoid a situation like the above I want to host a mailing list where:
- Anyone (member or not) can post to the list
- Only list members can read the list's postings
- List members can be from both mydomain and otherdomain.
- Messages are only forwarded to the mail-clients of only the list members that belong to mydomain.
5.But the how members of otherdomain will be able to read the postings in the list?
The Solution
Use mailman. Create web based mailing lists where all of the above requirements are met and where otherdomain list members can read the postings via the web archive.
How-To
- Create the list mylist@mydomain.com
- Subscribe the users (req. 3)
- Make the list archives private (req. 2)
- Set the "Privacy Options"->"Sender Filters"-> generic_nonmember_action=Accept (req. 1)
- Enable the "membership management" -> "nomail" option for all the otherdomain users.
That should do it. But as mailman is so configurable for users otherdomain users can change the nomail option from either the web or the e-mail interface.
Don't allow users to change their nomail option from
the web interface: As list admin go to "Edit the public HTML pages and text files"->"User specific options page" find the html code that refers to mail delivery options and delete it. Now when the user visits his conf. wont be able to change the nomail option.
But the user can also change this option via the
email interface, so disable the e-mail interface for this list.
Configure the auto-responder for the mylist-request address: Set "Auto-responder"->autorespond_postings="yes" Set "Auto-responder"->autorespond_requests="Yes,w/discard"
and add an appropriate text to the auto-response message.
Thats it.
Sorry for the long message but I think this could be usefull to some people and it adds extra value to mailman as a more appropriate tool to host mailing lists than embeded mail-server mechanisms.
Any suggestions, opinions arguments for the above are welcome.
Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
participants (3)
-
Dennis Morgan
-
John Papapanos
-
Mark Sapiro