[Mailman-Users] Bypass List Moderation
Karl Zander
kwz-mm at commpartners.com
Sun Jan 21 22:02:02 CET 2007
Thanks Mark. The vette logs show several other messages
approved at the same time as this suspect message. I am
guessing it was just an error on the list admins part.
We have a mischievous person forging From: headers and
posting to the list as if they were that subscriber. Any
way to fight this besides moderating everything? I have
noted FAQ 3.46 so I am guessing that full moderation is
our best way for now. mmreencrypt does not look too
current.
--Karl
On Sun, 21 Jan 2007 12:36:25 -0800
Mark Sapiro <msapiro at value.net> wrote:
> Karl Zander wrote:
>>
>>It is possible to get around list moderation? We have a
>>closed, moderated list. There is only one list
>>administrator. He claims he did not approve a message
>>that
>>was sent on to the list.
>>
>>Is it possible to craft a message that already contains
>>the
>>
>>X-Mailman-Approved-At: header and get by moderation?
>
>
> That header is informational only. Including it in a
>post won't affect
> moderation or other holds. You can bypass moderation by
>including a
>
> Approved: password
>
> header where password is either the admin or moderator
>password.
>
> You probably checked, but is the sender of the post a
>moderated member?
>
>
>>Are there logs of moderations actions?
>
>
> Holds and approvals of held messages are logged in
>Mailman's vette log.
>
> --
> Mark Sapiro <msapiro at value.net> The highway is for
>gamblers,
> San Francisco Bay Area, California better use your
>sense - B. Dylan
>
More information about the Mailman-Users
mailing list