I have just set up v1.94.4 on a Solaris 2.5.1 system
(first time user). My client would like to block
*all* outside access to majordomo. I have studied
the documentation, FAQ, a book (Managing Internet
Information Services) and archives trying to figure
out how to do the following:
Specificaly, I want to have majordomo drop all emails
directed to it that do not pass an array of REGEXP
filters (same idea as advertise/noadvertise). In
other words, the same technique used on
firewalls, namely; That which is not expressly
permitted is disallowed. I have set up the REGEXP for
advertise/noadvertise so "lists" don't get advertised
outside of my client's site, but my client doesn't
want any indication that a majordomo server even
exists. With my current configuration, if someone
were to email to email@example.com, they
would get a response (help, whatever) which would be
a clue that majordomo was running and could be the
target of subsequent attacks. I searched the
archives, and the closest thing I could find to how
to implement this were some messages from 1993.
Does this feature exist? If yes, where can I find it
in the docs? If no, does a patch or hack exist that
provides this functionality? I could hack it myself
to do this, but prefer to run vanilla majordomo so
future upgrades will be easier (won't have to rehack).
P.S. I don't want to have to manually approve all
requests either, so I would like the list to be
open+confirm... just not reachable from the outside.
DO YOU YAHOO!?
Get your free @yahoo.com address at http://mail.yahoo.com