[Mailman-Users] prevent address spoofs [dnk]

JC Dill lists05 at equinephotoart.com
Fri Jan 27 01:09:30 CET 2006

Dustin Krysak wrote:
> Good day -- I am looking at using mailman for a list that will just  
> have 1 -4 addresses that will be authorized to actually post to the  
> list. I am also looking for a way to manage list members with a web  
> interface as well as the usual subscription type functions.  Now one  
> of my main concerns is if someone actually spoofs one of the  
> authorized email addresses. Does mailman have a good security measure  
> for preventing that? That is without having to approve every post  
> through a web interface?

One way to accomplish your goal is set-up your list as an announcement 
list where every message must be approved before sending on to the 
subscribers.  Then you give the 4 individuals the moderator approval 
password and they include that password in the headers or first line of 
each post they make to the list.  Mailman strips off the approval line 
and then sends the message on to the list subscribers.  If someone 
forged one of these senders when sending to the list the message would 
be held for approval because it didn't have the password.




More information about the Mailman-Users mailing list