[Mailman-Users] Security in an nnouncement only list
Brad Knowles
brad at stop.mail-abuse.org
Fri Sep 3 01:34:32 CEST 2004
At 3:55 PM -0700 2004-09-02, Jeff Pflueger wrote:
> Everything is working great, but there seems to be a glaring security
> hole: Somebody can fake the From: in the email and post to the entire
> list.
Yup.
> The best way around this (available in the Listserv software)
> is an email confirmation sent to the poster.
You could reject all postings from unapproved addresses, and
moderate your own. When you get the notice that there is a message
to moderate, you can release it from the web interface.
> Is there a way to set this up in mailman? Could I set up the poster
> to be moderated by himself or something like that?
Essentially, yes.
--
Brad Knowles, <brad at stop.mail-abuse.org>
"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."
-- Benjamin Franklin (1706-1790), reply of the Pennsylvania
Assembly to the Governor, November 11, 1755
SAGE member since 1995. See <http://www.sage.org/> for more info.
More information about the Mailman-Users
mailing list