Great Circle Associates Majordomo-Users
(June 1994)
 


Subject: Re: moderator/resend can be bypassed in majordomo
From: "John P. Rouillard" <rouilj @ cs . umb . edu>
Date: Wed, 22 Jun 1994 12:54:49 -0400
To: Chris Allen <oke @ cairo . anu . edu . au>
Cc: majordomo-users @ greatcircle . com
In-reply-to: Your message of "Wed, 22 Jun 1994 16:46:29 +1000." <199406220646.QAA26194@cairo.anu.edu.au>


In message <199406220646.QAA26194@cairo.anu.edu.au>, Chris Allen
writes:
>There is a problem with trying to enforce moderation of mailing lists
>in majordomo.  It is possible to bypass the resend program, and
>hence the moderator.

Only if they know the name of the outgoing alias, but that is usually
trivial to get from SMTP using VRFY or EXPN.

>exec: "|/pub/majordomo/wrapper resend -l exec -h cairo.anu.edu.au exec-outgoing"
>exec-outgoing: :include:/pub/majordomo/spool/lists/exec,
>  "|/pub/majordomo/wrapper archive2.pl -f
>     /pub/majordomo/spool/digest/exec/archive -a -m"
>
>Now, by sending a message to "exec-outgoing" instead of "exec" the
>resend program is not run.  (Hence moderation doesn't work along
>with other resend facilities)

Run the SMTP sendmail daemon with a truncated aliases file that is not
the standard file in /etc/aliases. Since you are running as root, the
change of the cf file and the new alias file specified in the new cf
file shouldn't cause any operational problems. Set up the /etc/aliases
file with full info about the lists (just as your current aliases file
is set up). This way regular invocations of /usr/lib/sendmail (via
majordomo, or whatever) will do all of the expected stuff, and be able
to find the -outgoing address. However, your sendmail running in daemon
mode won't know about any of the outgoing addresses. This also stops
people from EXPN'ing or VRFY'ing the outgoing addresses to get a list of
users.

The drawbacks are:

	people sending mail from your majordomo host can still use the
	-outgoing alias.

	changing sendmail.cf's even for root may not work as intended

	you have to maintain two sets of alias files

The third problem can be overcome by having a master alias file and
eliminating all non-external info using a program such as perl or sed.

				-- John
John Rouillard

Senior Systems Consultant (SERL Project) University of Massachusetts at Boston
rouilj@cs.umb.edu (preferred)            Boston, MA, (617) 287-6480
==============================================================================
My employers don't acknowledge my existence much less my opinions.
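
Added example, not part of the original message: one way to generate the
daemon's truncated alias file from a master alias file, as suggested above for
the third drawback. It uses awk rather than perl or sed and assumes the
internal aliases are exactly those whose names end in "-outgoing"; the function
names and the sample master file are constructed for illustration.

```shell
#!/bin/sh
# Added example: derive the SMTP daemon's truncated alias file from a master file.
# Assumption: the internal aliases are exactly those whose name ends in "-outgoing".

# filter_aliases MASTER
# Writes MASTER to stdout without any "-outgoing" entries. An entry is its
# "name: value" line plus the continuation lines that follow it (lines that
# start with a space or tab), so multi-line aliases are dropped as a whole.
filter_aliases() {
    awk '
        /^[ \t]/     { if (!skip) print; next }   # continuation follows its entry
        /^#/ || /^$/ { skip = 0; print; next }    # comments and blank lines are kept
        {
            name = $0
            sub(/:.*/, "", name)                  # text before the first colon
            gsub(/[ \t"]/, "", name)              # drop blanks and quoting
            skip = (tolower(name) ~ /-outgoing$/) # alias names are case-insensitive
            if (!skip) print
        }
    ' "$1"
}

# Constructed sample master file, modelled on the aliases quoted in the message.
# The owner-exec line is made up for the example.
sample_master() {
    cat <<'EOF'
# majordomo list "exec"
exec: "|/pub/majordomo/wrapper resend -l exec -h cairo.anu.edu.au exec-outgoing"
exec-outgoing: :include:/pub/majordomo/spool/lists/exec,
  "|/pub/majordomo/wrapper archive2.pl -f /pub/majordomo/spool/digest/exec/archive -a -m"
owner-exec: postmaster
EOF
}

# Print what the daemon's alias file would contain for the sample master file.
demo() {
    tmp=$(mktemp) || return 1
    sample_master > "$tmp"
    filter_aliases "$tmp"
    rm -f "$tmp"
}

demo
```

The "exec" entry survives even though its value mentions exec-outgoing, because
only the alias name before the first colon is tested.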

