[Mailman-Developers] Thoughts on processing for pre-approved messages
Stephen J. Turnbull
stephen at xemacs.org
Sun Mar 18 11:28:44 CET 2012
On Sat, Mar 17, 2012 at 2:41 AM, Mark Sapiro <mark at msapiro.net> wrote:
> I've gone around a bit on this and I've concluded this is analogous to
> the list poster password I implemented for 2.1. Presumably we don't
> want to allow this password to be used to authenticate to the web ui.
Right.
> We may want to allow it for authentication for certain email commands.
> I'm not sure about that one.
This is a list policy thing. I wouldn't allow it, but then I don't plan to use
X-Approve either.
> Now I see some issues with what rules/approved.py does. It checks for
> the header and validates the password. This is good. It also removes
> any header or body lines containing the pseudo-header from the
> message. Architecturally, this latter operation belongs in the
> pipeline, not in a chain rule.
Strictly speaking, yes, but the whole idea of Approved: is unclean enough
that I don't really have a problem with allowing a chain rule to remove the
Approved: header. But maybe there should be a pipeline Handler that
removes all Approved headers and pseudo-headers, regardless of whether
it would actually work on that list.
> we need a mlist.check_approved(msg, clean=True|False) method to do the
> heavy lifting.
I don't know about that. Having both one or more Handlers and a special
seems like overkill, especially since really one checks the header and the
other deletes, completely different functionality. Wouldn't it be better to
have a class variable Mlist.approval_headers = ["Approve", "X-Approve"] and
have

    for h in mlist.approval_headers:
        if msg[h] == mlist.moderator_password:
            return True
    return False

for the chain rule and

    for h in mlist.approval_headers:
        del msg[h]

in a RemoveApprovalHeaders.py pipeline handler?
> Unfortunately, this adds complexity and potential for
> security lapses if the rule hits but the pipeline doesn't remove the
> authentication.
Realistically, I don't think that's a problem. I think that more likely
the problem will be that people will misspell the header, or use it in
a list that doesn't support approval-by-header, or grab an incorrect
password out of an old message, or whatever.
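
Added example, not part of the original message and not Mailman's code: a sketch of the check/strip split discussed in this thread, using Python's standard email package. The function names, the sample message and the inclusion of "Approved" alongside the two header names from the thread are assumptions; the stripping runs whether or not the check succeeded, so a wrong or misdirected password never reaches the list.

```python
import hmac
from email import message_from_string

# Header names come from the thread; every function name here is hypothetical.
APPROVAL_HEADERS = ("Approved", "Approve", "X-Approve")
_NAMES = {h.lower() for h in APPROVAL_HEADERS}

def pseudo_header_value(line):
    """Return the value of a body line shaped like 'Approved: secret', else None."""
    name, sep, value = line.partition(":")
    return value.strip() if sep and name.strip().lower() in _NAMES else None

def is_approved(msg, moderator_password):
    """Chain-rule side: read-only check that never mutates the message."""
    if not moderator_password:
        return False  # an unset password must never match an empty header
    candidates = [v.strip() for h in APPROVAL_HEADERS for v in msg.get_all(h, [])]
    if not msg.is_multipart():
        lines = msg.get_payload().splitlines()
        first = next((l for l in lines if l.strip()), "")
        value = pseudo_header_value(first)
        if value is not None:
            candidates.append(value)
    secret = moderator_password.encode()
    # Constant-time comparison so the check does not leak the password by timing.
    return any(hmac.compare_digest(c.encode(), secret) for c in candidates)

def remove_approval_headers(msg):
    """Pipeline side: strip unconditionally, whether or not the rule hit."""
    for h in APPROVAL_HEADERS:
        del msg[h]  # no-op when the header is absent
    if not msg.is_multipart():
        kept = [l for l in msg.get_payload().splitlines()
                if pseudo_header_value(l) is None]
        msg.set_payload("\n".join(kept))
    return msg

# Constructed sample message; addresses and password are made up.
SAMPLE = (
    "From: mod@example.org\nTo: list@example.org\nSubject: announcement\n"
    "X-Approve: s3cret\n\nApproved: s3cret\nHello list.\n"
)

def demo(password):
    msg = message_from_string(SAMPLE)
    approved = is_approved(msg, password)
    return approved, remove_approval_headers(msg).as_string()

if __name__ == "__main__":
    print(demo("s3cret"))
```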