Great Circle Associates Majordomo-Users
(October 1994) 		 
Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]
Subject: Re: WWW + Majordomo
From: Steve MacLeod <smacleod @ sparc . uccb . ns . ca>
Date: Sun, 30 Oct 1994 12:14:33 -0400 (AST)
To: Paul Phillips <psphilli @ sdcc8 . UCSD . EDU>
Cc: majordomo-users @ GreatCircle . COM
In-reply-to: <Pine.3.89.9410291410.A8705-0100000@sdcc8.ucsd.edu> 

Speaking of authentication, I am looking at installing Berkeley Sendmail 
8.6.9 in place of the sendmail that comes from SUN (Solaris 2.3).

What is the general opinion on this pident server and the pident support  
built into 8.6.9, I understand that PC's and MAC's can masquerade pretty 
easy with this stuff, is it worth installing? I already run tcp wrappers.

Any known problems with 8.6.9 and Majordomo 1.92? 

Thanks
--------------------------------------------------------------------
Steve MacLeod    Microcomputer Specialist          (902)539-5300x625
Computer Centre  University College of Cape Breton
Sydney, N.S.     Fax (902)562-0119                 Canada  B1P 5S2

On Sat, 29 Oct 1994, Paul Phillips wrote:

> 
> 
> On Fri, 28 Oct 1994, Nelson Minar wrote:
> 
> > Has anyone put any effort into making a WWW front end to Majordomo?
> > http://coombs.anu.edu.au/CoombswebPages/Majordomo.html has the
> > beginnings of one - you can use checkboxes to send a "subscribe" or
> > "unsubscribe" message to their majordomo.
> 
> When I was at InterNIC I put together something similar; it has 
> subscribe, unsubscribe, and "send information" boxes for each of the 
> lists available at that time.  Putting others in would be trivial; it's at
> 
>  http://www.internic.net/internic/lists/majordomo.html
> 
> Email guide@is.internic.net if you're interested in seeing the code (it's 
> Perl.)
> 
> > [good ideas about WWW interface snipped]
> > I don't think any of this would be particularly difficult, but I don't
> > have a lot of time to do it up. There is a question of security, but
> > given how trivial it is to forge mail on the net anyway I don't think
> > this is worth worrying about.
> 
> It's a nice idea.  You can log the machine name initiating the connection 
> via the REMOTE_something http environment variable, which brings it to 
> the same level of security that SMTP offers.  We didn't have any problems 
> with abuse of the InterNIC WWW-majordomo interface; about the worst you 
> could do is subscribe someone else to a mailing list (fairly easy 
> anyway.) This would only work with open lists; no private_who or other 
> restrictive config options.
> 
> If someone wants to work around the existing security limitations and 
> implement something, I'm sure it would be used; I would prefer to wait 
> until SMTP, http, or both offers superior authentication before inviting 
> the coming WWW masses to mess around with it.
> 
>  -PSP
>
References:
Indexed By Date Previous: Re: Help with list setup
From: bill@biome.bio.ns.ca (Bill Silvert)
Next: resend unlink patch...again!
From: mike@nowaksg.chem.nd.edu (Mike Buening)
Indexed By Thread Previous: Re: WWW + Majordomo
From: Paul Phillips <psphilli@sdcc8.UCSD.EDU>
Next: Re: WWW + Majordomo
From: "Peter W. Losher" <plosher@ainet.com>
Google
 
Search Internet Search www.greatcircle.com