If your "small (text) list of folks" are not logged in local to the majordomo/sendmail
server, you will not be able to shut down incoming SMTP traffic. With sendmail 8.12,
you can define an interface to listen on, which would allow you to disable incoming
SMTP traffic on the "public" interface. This still does not prevent the problem IF
the problem is with users on your same network. Prior to 8.12, you could shut down
specific addresses from being reached by anyone except localhost. The submit program
seems to break this strategy.
Dan Liston
Mark Cartwright wrote:
> I have a list that currently only accepts posts from a small (text) list of folks; this part works well.
>
> However, there seems to be nothing stopping some arbitrary person from manipulating the mail header for the "From:" address and inserting an "accepted" email, thereby allowing anyone with knowledge of a valid post user and how to modify the From: mail header from posting to any list.
>
> Is there some other facility, shy of denying all inbound SMTP traffic, of gaining some higher level of control over who can actually send to the list?
>
> Thanks for any replys.
>
> For completeness, my realivant version information:
>
> Majordomo v1.94.5
> Sendmail v8.11.7+Sun
References:
|
|
