[Mailman-Users] Help! Restricted posting Problems (need to approve list-member posts)
Christopher P. Lindsey
lindsey at mallorn.com
Wed Jul 19 07:12:35 CEST 2000
> > I do not know why Mailman adds this bogus "Sender", and seems to
> > rely on it to determine membership.
>
> The Sender field is not bogus, is a standard mail header, and is
> added (likely) by the first MTA you hand off your message to.
> Mailman by default authenticates membership on the basis of the
> Sender: header (think about the problem of address forgery for the
> reasons why). You can edit mm_cfg.py to authenticate by the From:
> header instead.
I submitted a bug report to the jitterbug database about a year
about this:
http://www.python.org/mailman-bugs/incoming?id=110
The biggest problem with using the Sender: header is that it
violates RFC 822. The URL above has the excerpts explaining
why.
In all seriousness, what setting is in mm_cfg.py to change the
authentication? I haven't played with the new beta versions
at all, so sorry if I'm being stupid here....
> Rather than doing that however I would subscribe your posting
> address and set it to NOMAIL. That way authentication remains
> strong (well, sorta, its just less easy to forge) and the system
> works as desired.
Interesting idea!
Chris
More information about the Mailman-Users
mailing list