Re: Digest

[peter @ taronga . com (Peter da Silva)]

>    Oh btw, I was just curious and sent a message to majordomo-users-outgoing
> and it seemed to work, bypassing resend completely.  Now what if the list
> is MODERATED?  Looks like a hole to me.  The solution is simple though.. just
> change -outgoing into some other random words of you choice.

And they'll still show up in every message:

| Received: (majordom@localhost) by miles.greatcircle.com (8.7.1/Miles-950430-1) id VAA11606 for majordomo-users-outgoing; Sun, 29 Oct 1995 21:08:14 -0800 (PST)

Having resend use this trick to avoid doing list expansion itself is cute,
but it opens up a potential security hole, and depends very strongly on having
a mail routing layer equivalent to sendmail. It should be possible to pass a
file to resend. I don't know much perl, but how about something like this?

args = ""
foreach $entry @ARGV {
	if ($entry ~ /^\/*/) {
		if (!open(IN, $entry)) {
			die("resend: Can't open $entry: $!");
		}
		while(<IN>) {
			$args = $args . " " . $_
		}
		close(IN);
	} else {
		$args = $args . " " . $entry
	}
}

$sendmail_cmd = "/usr/lib/sendmail $opt_m -f$sendmail_sender " . $args

This should work for mailing lists with fewer than several thousand entries,
that aren't running on older systems.

I don't use sendmail as the routing agent at work because of security
problems endemic to sendmail implementations. Shouldn't "/usr/lib/sendmail"
all through majordomo be replaced by something from the cf file?