James,
Actually, using BOTH would be best. Any name not in the restrict_post
file, that tries to post is bounced to the owner/approval/moderator
address anyway. No matter what address the trouble maker, or list member
for that matter, uses. Unless it is the allowed poster address contained
in the restrict_post file, they will not be able to spam the list. If a
spammer did figure out the From: address to use, having moderation enabled
also requires a message to have an approval header/password before resend
will distribute the message to the list members. Of course this does no
good either, if you don't change the default passwords in your list.config
file.
Dan Liston
James wrote:
>
> Thus spake Duane Beck (duanebeck@earthlink.net):
>
> > What about setting the restrict_post list to contain only the admin's
> > address, instead of using moderator approval?
>
> That would work. I wouldn't recommend it though, imho. There is no
> guarantee the from header is authentic. Someone could figure this out and
> spam the list very easily.
References:
|
|
