[Mailman-Users] How do I run 2.x mailman more securely?
gtaylor at tnetconsulting.net
Thu May 31 21:24:48 EDT 2018
On 05/31/2018 06:37 PM, incoming-pythonlists at rjl.com wrote:
> Both are valid alternatives. There may be performance advantages,
> to stopping attacks at the firewall level instead of higher up in the
> application stack.
Agreed, on both accounts.
Firewalls also have a tendency to protect multiple machines, not just
one. (I'm referring to network appliance type firewalls, not host based.)
> No, this is not security through obscurity. It runs on a different
> port so I can add firewall rules that effect only mailman service and
> not other web applications.
> I need to give my users a url that they can easily remember. It's too
> complex to have to give them urls with port numbers in them, and since
> this is not security through obscurity, it is not a problem.
> There are many ways to implement the same thing. Before there were
> modules in the kernel for this, I simply pulled lists of address blocks
> out of databases and incorporated them into my IPtables lists. There are
> better tools to do this today.
I'm curious, did you use IPSets or just a rule per network / IP?
> It was unclear from the OPs initial posting whether it was a private
> or a public mailing list. What I describe here probably would not be
> appropriate for a public list and the best solution there is probably to
> upgrade to mailman 3 if they need a more secure interface that is wide
> open to the public. VPN and/or fwknop (which is primarily SPA though the
> older port knocking is still supported) are more suitable if you have
> a private list where user membership must be approved anyway and your
> moderators and admins might use these tools to have access to mailman,
> but the web GUI would be blocked from public access.
> Certainly adding web server based username authentication sounds pretty
> cumbersome to me because users would have to login twice,
Maybe, maybe not.
I've seen applications that can re-use the web server's authentication
mechanism. This would likely be a code change to Mailman. (I have no
idea how big.)
> though from a security standpoint it would help protect from
> vulnerabilities in the mailman web GUI.
> There's no one answer to solving these problems. I'm only sharing
> ideas that have worked for me. The less of the public Internet that
> can apply brute force attacks on your web interface, the less likely
> you are to have a compromise. Also, the less junk in your log files,
> the easier it is to monitor the logs.
Nope. Hence my interest in what others have done and why the did it.
I'm always interested in observing and hopefully learning.
> I plan to go to mailman 3, but in the meantime I have minimal issues with
> attacks on my mailman GUI. Maybe not the perfect solution for everyone,
> but it is effective.
If it does what you need it to and you feel comfortable maintaining it,
then more power to you.
Grant. . . .
unix || die
More information about the Mailman-Users