[Mailman-Users] MailMan For LAN Only

Adam McGreggor adam-mailman at amyl.org.uk
Fri Aug 7 13:46:56 CEST 2009

On Wed, Aug 05, 2009 at 11:54:44AM -0400, Carlos Williams wrote:
> I am wanting to implement MailMan for my company LAN. I am currently
> running my email server on Postfix. I am wondering if someone can
> answer these questions for me. If I install MailMan / Apache on my
> mail server, will the MailMan list be visible by anyone on the web who
> can access my mail server via Apache? 

"visible" in which regard? via Apache, it's possible to restrict
access to subnets, for example. Firewall rules can also be invoked.

(in short: depends how you set it up.)

Presumably Postfix supports some sort of ACLs, which may "help" in
keeping your list(s) to people/addresses you've explicitly
whitelisted, or something similar. Or just rely on Mailman's handling
of non-members.

> I am worried about spammers
> using MailMan to harvest valid email addresses. Even though it appears
> from the reading I have done that non-members can't send to the list
> w/o moderator approval, I still don't want the vulnerability of
> exposing my subscribed members email addresses.

restrict seeing subscribers to admins only? use "strong" passwords,
perhaps. Disable access to specific mailman scripts from non-trusted
addresses? don't have archives available to the public internet? 

> Can someone please tell me if this is possible 

Should be...

> and or how I should consider configuring MailMan for my LAN?

... although most of what you're after, as I understand it, is
not within Mailman itself, but down to webserver/firewall/MTA
configuration (well, that's how I might go about sorting out a
'private' installation)

``Have you always been revolutionary socialists?''
``No, we vote Conservative.''  (Simon Hoggart, interviewing a middle-class
                                couple at a reading of Tony Benn's speeches)

More information about the Mailman-Users mailing list