[Mailman-Developers] Re: Cute TMDA use

JasonR.Mastaler JasonR.Mastaler
Sun, 28 Jul 2002 20:25:33 -0600

J C Lawrence <claw@kanga.nu> writes:

>   No more problems with posters from non-subscribed addresses.  They
>   have a subscription to _GET_ mail and to define an allowed posting
>   address.  They can (trivially) define additional allowed posting
>   addresses by just posting from them and confirming the post to get on
>   the whitelist.

Yup.  One thing I also do is share an auto-whitelist among all the
lists on my server.  So, if claw@kanga.nu confirms his post to
tmda-users, he'll instantly be able to post to tmda-workers as well.
This makes things even more transparent for the end-user,
particularly at sites hosting many lists.

> You're now essentially back in the old days of the 1980s when we
> could safely run open lists.

Once in a blue moon, a spammer will actually confirm his spam to a
list, which then requires a bit of intervention to remove the address
from the auto-whitelist, and blacklist it.  But, you'll also now have
a verifiable address to use to track him down and fry his ass <wink>.

However, this is rare.  It hasn't happened on any of my lists in the
five months since I implemented this setup.