[Mailman-Developers] 2.1.8 documentation mismatch
Ian Eiloart
iane at sussex.ac.uk
Thu Jun 8 18:24:39 CEST 2006
--On 8 June 2006 16:54:40 +0100 David Lee <t.d.lee at durham.ac.uk> wrote:
>
>> [...] It's far better to insist on authenticated SMTP for ALL
>> message submission.
>
> That would, indeed, probably be the ideal. But that would itself mean
> that all paths by which the Mailman machine might be reached would have to
> be known to have an enforced mechanism for authenticated SMTP. (And what
> about (say) "cron" jobs generating email which might legitimately go
> through lists?)
Well, I guess that a typical Message Submission Agent would require
authenticated SMTP *except* for a list of specificed (host IP, sender email
address) pairs.
> An insitution's (university's) "smtphost" service might naturally restrict
> access to its own users and thus the authentication could use, say, its
> central NIS/AD/LDAP-like user-base. But its Mailman service might extend
> considerably beyond those bounds to include collaboration with other
> places, for which a much wider user-base would be needed. (Suppose, for
> instance, that this very "mailman-developers" list were hosted at your own
> university?)
True. But are you really asking people to email secrets around? If you are,
them I presume you're going to encrypt communication between your MTAs?
Otherwise none of this is going to gain you anything.
I presume you're going to have Mailman remove those tokens before delivery?
Otherwise spoofing will be just as easy as before. To be honest, I'm
skeptical about all of this. Do you have a history of people spoofing to
your lists?
> Even if those problems could be overcome, one would still need to ensure
> that Mailman can know for certain that authenticated SMTP had been used.
> Which takes us off to another branch (about Mailan API, milters, etc.)
> of this fragmenting discussion!...
--
Ian Eiloart
IT Services, University of Sussex
More information about the Mailman-Developers
mailing list