Well there seems to be a bit of discussion on list-managers about
privacy of addresses on lists. I figure this should be handled somehow
by majordomo. What I am proposing is the following:
private_who
private_which
get extended along with the other privates to be
private_* = [yes, no, password <password>, none]
so the options are:
private_who: yes # only people on list can do a who
private_who: no # anybody can do a who
private_who: password WhOAmI # you need to specify the pasword
# to do a who
private_who: none # the who command is disabled to everybody
There should also be some restrictions on "which" besides just the
yes/no/passwd/none ability so that the following message:
which a
which b
...
which z
doesn't act like a who statement. Any ideas about how to allow people
to figure out their own address, but prevent people from generating the
equivalent of a who statement?
Also, I will add a section to the Majordomo README about "anonymous"
lists where nobody can find out who is on the lists. This will cover
splitting alias files for sendmail lists so that:
test:"|/tools/majordomo/wrapper resend -l test -h cs.umb.edu test-outgoing"
test-digest:test
owner-test:rouilj
owner-test-outgoing:owner-test
# note that the "-digest" and "-digest-outgoing" suffixes
# are required to allow the majordomo mkdigest command, and the
# config code to work properly.
owner-test-digest:owner-test
owner-test-digest-outgoing:owner-test
test-request: "|/tools/majordomo/wrapper request-answer test"
test-digest-request: "|/tools/majordomo/wrapper request-answer test-digest"
test-approval:rouilj
test-digest-approval:test-approval
is in the standard /etc/aliases file, and the following:
test-outgoing::include:/usr/local/Lists/test,
"| /tools/majordomo/wrapper digest -r -C -l test-digest \
test-digest-outgoing",
"| /tools/majordomo/wrapper archive2.pl -a -m
-f /usr/local/mail/archive/test/test.archive"
test-digest-outgoing::include:/usr/local/Lists/test-digest
Are in a second alias file specified using the -o flag to sendmail, or
by using another config file for the sendmail that gets run by
majordomo. This way SMTP expn and vrfy queries for internal aliases
such as test-outgoing will fail. This also provides a measure of
protection from people posting directly to the outgoing address thus
bypassing resend or digest entirely.
Does any similar ability exist for smail?
Comments?
-- John
John Rouillard
Special Projects Volunteer University of Massachusetts at Boston
rouilj@cs.umb.edu (preferred) Boston, MA, (617) 287-6480
===============================================================================
My employers don't acknowledge my existence much less my opinions.
|
|
