FAQ
Hi.

I have created a list used to post commits messages, generated by a
script hook for Subversion.

The list is moderated but, since it is a nuisance to have to approve all
messages, I'm thinking to remove the moderation flag on the address used
by the script.

Any better solutions?


Thanks Manlio Perillo

Search Discussions

  • Brad Knowles at May 16, 2006 at 4:36 pm

    At 1:52 PM -0200 2006-05-16, Manlio Perillo wrote:

    The list is moderated but, since it is a nuisance to have to approve all
    messages, I'm thinking to remove the moderation flag on the address used
    by the script.
    This is precisely what we do for several "commits" type lists
    that I run for the NTP Public Services Project. Works fine for us.

    --
    Brad Knowles, <brad at stop.mail-abuse.org>

    "Those who would give up essential Liberty, to purchase a little
    temporary Safety, deserve neither Liberty nor Safety."

    -- Benjamin Franklin (1706-1790), reply of the Pennsylvania
    Assembly to the Governor, November 11, 1755

    LOPSA member since December 2005. See <http://www.lopsa.org/>.
  • Manlio Perillo at May 16, 2006 at 5:24 pm

    Brad Knowles ha scritto:
    At 1:52 PM -0200 2006-05-16, Manlio Perillo wrote:

    The list is moderated but, since it is a nuisance to have to approve all
    messages, I'm thinking to remove the moderation flag on the address used
    by the script.
    This is precisely what we do for several "commits" type lists that I
    run for the NTP Public Services Project. Works fine for us.
    Ok, but it is not secure.
    But, as I can see, it is the only solution.



    Thanks and regards
  • Brad Knowles at May 16, 2006 at 5:31 pm

    At 3:24 PM -0200 2006-05-16, Manlio Perillo wrote:

    The list is moderated but, since it is a nuisance to have to approve all
    messages, I'm thinking to remove the moderation flag on the address used
    by the script.
    This is precisely what we do for several "commits" type lists that I
    run for the NTP Public Services Project. Works fine for us.
    Ok, but it is not secure.
    No, not perfectly secure. Someone could spoof the sending
    address and get their post through to the whole list.
    But, as I can see, it is the only solution.
    Unless you can get the commit notification process to add an
    "Approved: password" line to the headers of your message, or the
    first line of the message body, I don't see any way that the security
    could be further improved, at least as far as Mailman is concerned.

    --
    Brad Knowles, <brad at stop.mail-abuse.org>

    "Those who would give up essential Liberty, to purchase a little
    temporary Safety, deserve neither Liberty nor Safety."

    -- Benjamin Franklin (1706-1790), reply of the Pennsylvania
    Assembly to the Governor, November 11, 1755

    LOPSA member since December 2005. See <http://www.lopsa.org/>.
  • Manlio Perillo at May 16, 2006 at 6:40 pm

    Brad Knowles ha scritto:
    [...]
    But, as I can see, it is the only solution.
    Unless you can get the commit notification process to add an
    "Approved: password" line to the headers of your message, or the first
    line of the message body,
    Thanks, I'm new to Mailman and I was not aware of this header.
    But the password is the list administrator's one?




    Regards Manlio Perillo
  • Todd Zullinger at May 16, 2006 at 6:50 pm

    Manlio Perillo wrote:
    Brad Knowles ha scritto:
    [...]
    But, as I can see, it is the only solution.
    Unless you can get the commit notification process to add an
    "Approved: password" line to the headers of your message, or the
    first line of the message body,
    Thanks, I'm new to Mailman and I was not aware of this header. But
    the password is the list administrator's one?
    The administrator or moderator password can be used.

    - --
    Todd OpenPGP -> KeyID: 0xD654075A | URL: www.pobox.com/~tmz/pgp
    ======================================================================
    (When asked whether he liked children) "Ah yes...boiled or fried."
    -- W.C. Fields
  • Todd Zullinger at May 16, 2006 at 5:34 pm

    Manlio Perillo wrote:
    Brad Knowles ha scritto:
    At 1:52 PM -0200 2006-05-16, Manlio Perillo wrote:

    The list is moderated but, since it is a nuisance to have to
    approve all messages, I'm thinking to remove the moderation flag
    on the address used by the script.
    This is precisely what we do for several "commits" type lists
    that I run for the NTP Public Services Project. Works fine for
    us.
    Ok, but it is not secure. But, as I can see, it is the only
    solution.
    I haven't setup any hook-scripts in Subversion, but couldn't you
    modify the hook-script to add an Approved: header (or body line)?

    The commit-email.pl script in my (dated) copy of subversion-1.2.3
    looks like it'd be simple to do either.

    - --
    Todd OpenPGP -> KeyID: 0xD654075A | URL: www.pobox.com/~tmz/pgp
    ======================================================================
    Things in our country run in spite of government, not by aid of it.
    -- Will Rogers
  • Todd Zullinger at May 16, 2006 at 5:51 pm

    I wrote:
    I haven't setup any hook-scripts in Subversion, but couldn't you
    modify the hook-script to add an Approved: header (or body line)?

    The commit-email.pl script in my (dated) copy of subversion-1.2.3
    looks like it'd be simple to do either.
    I just did this as a test and adding a header is quite simple. It
    should be more secure than leaving the $from address unmoderated.

    - --
    Todd OpenPGP -> KeyID: 0xD654075A | URL: www.pobox.com/~tmz/pgp
    ======================================================================
    Between two evils, I always pick the one I never tried before.
    -- Mae West

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
groupmailman-users @
categoriespython
postedMay 16, '06 at 3:52p
activeMay 16, '06 at 6:50p
posts8
users3
websitelist.org

People

Translate

site design / logo © 2022 Grokbase