[Mailman-Users] Securing Apache.
John W Baxter
jwblist at olympus.net
Sun Aug 26 08:03:28 CEST 2001
At 21:48 -0700 8/22/2001, Phil Stracchino wrote:
>On Wed, Aug 22, 2001 at 09:25:24AM -0700, Jason C. Leach wrote:
>> I need to secure my MailMan lists from the public. We would like to use it
>> for internal communication recording and indexing. Can anyone suggest
>> how I would do this?
>All you need to do is make the list subscription policy to confirm+approve,
>set posting to members only, and restrict access to the /mailman/
>directory on your webserver to internal hosts.
In light of recent events at the (US) Air Force Academy, one might want to
be a little more private than the above. Such as a server which isn't
accessible to the great unwashed you're trying to keep out AND is protected
roughly as above. Then all you have to worry about is a foolish mistake by
an MUA user whose machine sees both sides of the firewall. (Seemingly,
that's not the same thing as happened at the Academy.)
John Baxter jwblist at olympus.net Port Ludlow, WA, USA
More information about the Mailman-Users