>>>>> "DB" == Dave Barr <firstname.lastname@example.org> writes:
DB> It seems obvious to me that resend should just get the outgoing address
DB> from the .config file. This would be much easier than using the
DB> @filename stuff, and pretty much negate having to use that mechanism at
Except for the facts that:
1. You might not want the list owner changing it (easy to fix, put it in
2. That doesn't really hide it. Some mailers will still reveal the
address. Even then, having it exist at all is a hole; someone who knows
the name can exploit it.
I think there are only two solutions which really work:
Specify an alternate config file in $mailer so that the outgoing aliases
aren't visible to the rest of the planet.
Don't use them at all. I expect that in the future Majordomo will just
talk SMTP itself and not pass an alias to sendmail. You can do this today
if you use an agent like bulk_mailer or TLB to do it. My setup uses TLB
(because I wrote it) and has no outgoing aliases at all. My aliases look
fvwm: "|/usr/local/lists/majordomo/wrapper resend -l fvwm -h hpc.uh.edu nobody"
The "nobody" just satisfies the argument check.
That said, a change to do this (take the alias name from the config file)
is damn near trivial. We'll have to yell about it wen 1.95 time comes