On 02/19/2015 05:47 PM, Danil Smirnov wrote: > Thanks Mark! > > And how about if this non-subscriber is included to the > hold_these_nonmembers list in Privacy -- Sender filters? > > Is Approved: powerful enough to overpower this option?
Approved: with a valid password trumps (overrides) everything except header_filter_rules, patterns in mm_cfg.KNOWN_SPAMMERS and dmarc_moderation_action of reject or discard. Historically, the only passwords that worked were the list admin and list moderator password and anyone who knew those could approve held posts after the fact so there was no reason to not let them pre-approve posts. The list poster password was added later to allow a less sensitive password to be used to pre-approve posts to an otherwise moderated list and uses the same approval mechanism. The bottom line is people should only be given those passwords if they can be trusted not to abuse them. If you specifically need to hold a post From: someone even if it contains a valid Approve: and you can't just change the password, I think you can do it with header_filter_rules. -- Mark Sapiro <m...@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan ------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org https://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-users/archive%40jab.org