Great Circle Associates Majordomo-Users
(October 2003) 		 
Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]
Subject: Re: Moderated lists...
From: Daniel Liston <dliston @ sonny . org>
Date: Thu, 02 Oct 2003 14:08:46 -0500
To: Dani Koesterich <Dani @ MasterMailings . com>
Cc: Majordomo-Users @ greatcircle . com
In-reply-to: <5.0.2.1.2.20031002120245.0125e150@mail.mastermailings.com>
References: <5.0.2.1.2.20031002120245.0125e150@mail.mastermailings.com>
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax) 
I would not say you have done anything wrong (other than
somehow advertise that users can send to the -list alias
of your mailing list).  Preventive and Recovery measures
are now required.

1.  Change the listname alias so that resend delivers to
a different address.  Something obscure like -yomama is
not likely to be guessed easily.

2.  Expand the thought above by also preventing the -yomama
alias from being revealed in the headers of outgoing mail
by your MTA.  In the case of sendmail, simply adding another
recipient (,nobody) after -yomama will do the trick.

3.  Allow sendmail to see and use the listname-yomama alias
but prevent it from being used by anyone else.  This requires
an entry in /etc/mail/virtusertable (on newer sendmails) that
looks like this;

/etc/mail/virtusertable
listname-yomama@mydomain.com	error:nouser User unknown

and I might as well complete this response aliases examples;

/etc/aliases
listname: "|/path-to/majordomo/wrapper resend -l listname listname-yomama,nobody"
listname-owner: you,
owner-listname: listname-owner
listname-yomama: :include:/path-to/majordomo/lists/listname
listname-request: "|/path-to/majordomo/wrapper request-answer listname"
listname-approval: moderator@where.ever

Other aliases available, but the above should be considered the
minimum alias requirement for a moderated list with sendmail as
the MTA.

Of special note are:
a. ,nobody in the listname alias
	This prevents sendmail from showing listname-yomama in
	the "Received:" headers of outgoing mail.
b. the trailing comma on the RHS of listname-owner
	This prevents sendmail from rewriting "To: listname-owner"
	as "To: you"
c. global replacement of -list with -yomama
	Recovery method since people already know of listname-list.
d. and existance of a listname-request address
	This address is required by RFC 2142 for all mailing lists.
	It can be directed to a human or an automated script.

Dan Liston

Dani Koesterich wrote:

> Hi,
> 
> I'm having what seems to be a really 'stupid' problem.
> I've set moderate = yes  in my config file, and I've set moderator
> to my email address. I've also setup all the passwords, and have
> set restrict_post to a file I created containing just my email address.
> 
> Yet, for some reason, any user on this list can submit messages
> to listname-list@mydomain.com and the whole list recevies the
> message instantly. This is an announcement list, so I need to configure
> my majordomo so that ONLY I can post, and all others are rejected.
> 
> What am I doing wrong?
> 
> Dani
References:
Indexed By Date Previous: Re: sending out auto-replys from defunct lists
From: Daniel Liston <dliston@sonny.org>
Next: netzero com and net
From: "Dean's Mail" <deansmail@complanners.com>
Indexed By Thread Previous: Re: netzero com and net
From: Daniel Liston <dliston@sonny.org>
Next: Re: Moderated lists...
From: Daniel Liston <dliston@sonny.org>
Google
 
Search Internet Search www.greatcircle.com