[Mailman-Users] Self-Approval against From Forgeries
kaerast at qvox.org
Thu Mar 19 12:05:50 CET 2009
On Wed, 18 Mar 2009 11:42:09 +0200 (IST)
Ephraim Silverberg <ephraim at cse.huji.ac.il> wrote:
> Certain lists of ours are sensitive and, hence, the members of the
> list want to ensure that messages are not sent to the list by an
> outsider that forges the From line of a valid list member.
Actually, there is another option which I'm surprised hasn't been
mentioned yet. If the list is sensitive then presumably everybody on
the list is trusted enough to have the password, in which case you
could just get people posting to the list to include an approved
header or the line Approved: [password] in the first line.
> If you are trying to send a post to the list which might otherwise be
> held, you can also include an Approved: line as the first body line.
> In this case, it is trickier, because the message will go to the list
> and if it is multipart/alternative with an html part, the Approved:
> line won't be removed from the html part. So you have to set OE before
> composing the message to send plain text. This is Tools->Options->Send
> tab, Mail Sending Format - Plain Text. You also have to follow the
> Approved: line with a blank line because current Mailman versions
> remove both the Approved: line and the first remaining line.
More information about the Mailman-Users