Mailing List Archive

On 10 Feb 1997, Russell Nelson wrote:

> My bounce manager will work with any mailing list package that accepts
> unsubscribe messages sent to the -request file.
>
> > (alternatively, is there a way to get
> > qlist to run moderated mailing lists?)
>
> Sure. Just set up the mailing list so that the first thing in its
> .qmail file is a filter that bounces mail that came in over SMTP.
> Since (I presume) you have a signon on the machine that runs the
> mailing list, your mail will arrive locally, so yours will go through.

Unfortunately the person who maintains the mailing list doesn't have
local access to the machine.

> Actually, the best method is for you to sign all postings with PGP,
> and run PGP from the .qmail file.

Well, I don't think that's going to happen. PGP is way beyond the
security we're after, and I don't think the owner has any auto-PGP
software available so it would be a real inconvenience to him.

> If you're using qlist, you might want my qlist patch, which changes
> the security feature from setting the suid bit on the .qmail file to
> insisting that a +list command appears prior to any addresses qlist
> adds. Both of these features cause qmail to defer delivery to any
> non-forward addresses, but the second allows you to insert a filter by
> hand prior to the +list command.

That would be particularly nice for adding things like auto-archiving.
Will that become part of the standard distribution?

Evan
--
Evan Champion * Director, Network Operations
mailto:evanc@synapse.net * Directeur, Exploitation du reseau
http://www.synapse.net/ * Synapse Internet

Russell Nelson <nelson@crynwr.com> writes:

: Sure. Just set up the mailing list so that the first thing in its
: .qmail file is a filter that bounces mail that came in over SMTP.
: Since (I presume) you have a signon on the machine that runs the
: mailing list, your mail will arrive locally, so yours will go through.

Well, that doesn't work for me. You see, moderator-approved
posting CAN come from the SMTP server (thus from the network). Look
at the following header segment:

---cut---
Delivered-To: alias-SECRET-ADDRESS@carrefour.net
Received: (qmail 31239 invoked by uid 54); 11 Feb 1997 00:30:52 -0000
Received: (qmail 31235 invoked from network); 11 Feb 1997 00:30:49 -0000
Received: from athena.socom.com (207.216.100.8)
by poseidon.socom.com with SMTP; 11 Feb 1997 00:30:49 -0000
Received: (qmail 15919 invoked by uid 543); 11 Feb 1997 00:30:49 -0000
Message-ID: <19970211003048.15916.qmail@athena.socom.com>
---cut---

As you can see, the mail is generated from athena.socom.com,
delivered via SMTP to poseidon.socom.com (my main mailhub, and where
Majordomo resides) and then Majordomo's "resend" fires up the mail to my
"secret" address (which is NOT "SECRET-ADDRESS" :-)) and to the list
since it contained the correct Approved: header.

: Actually, the best method is for you to sign all postings with PGP,
: and run PGP from the .qmail file.

This seems like a major(domo) overhead for what we send.

Ciao,
...David

--
// d a v i d l e b e l <lebel@socom.com> http://superdave.socom.com/
// analyst / system administrator / hacker socom technologies, inc.
// " I find your lack of faith, disturbing. " -- Darth Vader, _Star Wars_

-----BEGIN PGP SIGNED MESSAGE-----

David Lebel writes:
> Russell Nelson <nelson@crynwr.com> writes:
>
> : Sure. Just set up the mailing list so that the first thing in its
> : .qmail file is a filter that bounces mail that came in over SMTP.
> : Since (I presume) you have a signon on the machine that runs the
> : mailing list, your mail will arrive locally, so yours will go through.
>
> Well, that doesn't work for me. You see, moderator-approved
> posting CAN come from the SMTP server (thus from the network). Look
> at the following header segment:

Okay, how about this:

echo '|grep -v "^Delivered-To: SECRET-ADDRESS"|forward list' >~alias/SECRET-ADDRESS

and put the aforementioned filter on the list's .qmail file. That
way, list submissions only come from the local machine.

> : Actually, the best method is for you to sign all postings with PGP,
> : and run PGP from the .qmail file.
>
> This seems like a major(domo) overhead for what we send.

Still, it is better than using a password (SECRET-ADDRESS) which
traverses the public Internet. And its ease depends on what mailer
you're using. I can PGP-sign this message with a few keystrokes.
Takes six seconds on a NexGen P110 including typing my passphrase.

- --
- -russ <nelson@crynwr.com> http://www.crynwr.com/~nelson
Crynwr Software sells network driver support | PGP ok
521 Pleasant Valley Rd. | +1 315 268 1925 voice | Peace, Justice, Freedom:
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | pick two (only mostly true)

-----BEGIN PGP SIGNATURE-----
Version: 2.7
Comment: Processed by Mailcrypt 3.2, an Emacs/PGP interface

iQCVAwUBMwCQ26bBSWSDlCdBAQHhXgP/f5sQPkGuCloLfqIXz3Yq5adjZaS8983r
QIh07kTZiQ9P28nf6VDPVo2pQhJL552FIlIMFitm8K8sICW40G/T81u1Ax1NiyYX
zwQI2mRe52nYcMT78SLCO4tnTdzmRYTNLweeDHW+Sco/NnjlWYe6QLbUoP4/QTm2
fSz+mXTobdI=
=8Dkm
-----END PGP SIGNATURE-----