On Tue, 26 Nov 2002, Roger B.A. Klorese wrote:
> Paul Maddox wrote:
>
> >surely only people who are on the list can send email to the list? and
> >only majordomo/resend shoudl be able to send stuff to mylist-outgoing ?
> >
> Not if you do a typical MTA setup with the aliases as documented -- what
> magic would precent anyone else from sending to that alias?!
Paul, the most commonly used defense against unwelcome non-member posting
(spam or whatever) is three-pronged. In what follows, substitute your
actual list name for "listname".
1) Create a closed allowing only list members to post to the list with the
following in list.config:
restrict_post = listname
2) As has already been mentioned, add ,nobody to aliases that reference
your -outgoing alias, to prevent the -outgoing address from appearing in
message headers:
listname: "|/usr/local/majordomo/wrapper resend -l listname
listname-outgoing,nobody"
3) Assuming the MTA is sendmail (I assume other MTAs have similar
capability), add entries like this to /etc/mail/virtusertable to block
messages sent directly to the -outgoing alias. This does not prevent the
aliases from being expanded correctly in the normal operation of
majordomo.:
listname1-outgoing@domain.tld error:nouser User unknown
listname2-outgoing@domain.tld error:nouser User unknown
listname3-outgoing@domain.tld error:nouser User unknown
4) If you want, you can disguise the -outgoing alias by calling it
something less obvious ("blurgenjiggle" instead of "listname-outgoing" for
example), but this makes troubleshooting more difficult unless you keep
careful track of what mangled -outgoing alias you used for each of your
lists. I don't bother, since the virtusertable entries described above
block mail sent directly to the -outgoing aliases.
--
Chip Old (Francis E. Old) E-Mail: fold@bcpl.net
Manager, BCPL Network Services Phone: 410-887-6180
Manager, BCPL.NET Internet Services FAX: 410-887-2091
320 York Road
Towson, MD 21204 USA
References:
|
|
