Hien HUYNH HUU wrote:
>Again about this issue ,
>Please guide me how to configure Approve Header for email policy ? And I
> wonder If using Microsoft Outlook or Outlook Express to send mail to list ,
> can user set header for him ?
I am not an Outlook expert by any means, but I don't thin
=sbsc.com...@python.org
[mailto:mailman-users-bounces+hien.hh=sbsc.com...@python.org] On Behalf Of
Barry Warsaw
Sent: Wednesday, November 11, 2009 12:15 PM
To: Conrad Richter
Cc: Mailman-Users@python.org
Subject: Re: [Mailman-Users] Fake Email
On Oct 31, 2009, at 12:47 PM, Conrad Richter wrote
On Oct 31, 2009, at 12:47 PM, Conrad Richter wrote:
Another way to deal with this is sender confirmation by email, where,
like subscriber confirmation by email, a message is sent with a
confirmation link. Mailman doesn't have this capability presently
but it
seems to me that since it already h
On Oct 31, 2009, at 10:54 AM, Todd Zullinger wrote:
I don't know if the patches at http://non-gnu.uvt.nl/mailman-ssls/
would be helpful here or not. It's an attempt to add some OpenPGP and
S/MIME capabilities to Mailman.
I'll take a closer look at some point, but I suspect they won't be
rel
Conrad Richter wrote:
>
>Another way to deal with this is sender confirmation by email, where,
>like subscriber confirmation by email, a message is sent with a
>confirmation link. Mailman doesn't have this capability presently but it
>seems to me that since it already has subscriber confirmation, i
Barry Warsaw wrote:
> On Oct 31, 2009, at 1:28 AM, Stephen J. Turnbull wrote:
>
>> A better way to do this would be to set up the MTA on Mailman's host
>> to only deliver to the list address (ie, Mailman) if the sender has
>> been authenticated (eg, with TLS).
>
> Or to use digital signatures for
Barry Warsaw wrote:
> On Oct 31, 2009, at 1:28 AM, Stephen J. Turnbull wrote:
>
>> A better way to do this would be to set up the MTA on Mailman's host
>> to only deliver to the list address (ie, Mailman) if the sender has
>> been authenticated (eg, with TLS).
>
> Or to use digital signatures for s
Barry Warsaw wrote:
> On Oct 31, 2009, at 1:28 AM, Stephen J. Turnbull wrote:
>
>> A better way to do this would be to set up the MTA on Mailman's host
>> to only deliver to the list address (ie, Mailman) if the sender has
>> been authenticated (eg, with TLS).
>
> Or to use digital signatures for
On Nov 1, 2009, at 9:06 PM, Stephen J. Turnbull wrote:
If you really want Mailman to do the authentication, you can either
use the Approved header field, which is not very secure, or you can
use the 3rd-party patch to use public-key signatures which somebody
else mentioned. I'm pretty sure that
Hien HUYNH HUU writes:
> Hi Stephen,
>I can't do that because may be the sender is on another MTA and mailman
> server can't force they do an authentication.
>Is this a weak point of Mailman ?
No, this is a weak point of your MTA. The MTA has all the information
needed, and in princ
Hien HUYNH HUU wrote:
>Hi Stephen,
> I can't do that because may be the sender is on another MTA and mailman
> server can't force they do an authentication.
> Is this a weak point of Mailman ?
They still could connect and authenticate to the Mailman server's MTA
for list posting purposes.
Hi,
HOw would you propose such verification of the authenticity of a sender be
performed in Mailman?
It's hard enough to do anyway, but as has been pointed out, it's probably
more the function of the MTA than of Mailman. The MTA can do things like
insist on client-side certificates and oth
.org]
Sent: Saturday, October 31, 2009 12:28 PM
To: Hien HUYNH HUU
Cc: mailman-users@python.org
Subject: [Mailman-Users] Fake Email
Hien HUYNH HUU writes:
>I recognize that mailman can accept a fake sender . Example, I
>have a maillist with only an email account (x...@abc.com
Barry Warsaw wrote:
> On Oct 31, 2009, at 1:28 AM, Stephen J. Turnbull wrote:
>
>>A better way to do this would be to set up the MTA on Mailman's host
>>to only deliver to the list address (ie, Mailman) if the sender has
>>been authenticated (eg, with TLS).
>
> Or to use digital signatures for send
On Oct 31, 2009, at 1:28 AM, Stephen J. Turnbull wrote:
A better way to do this would be to set up the MTA on Mailman's host
to only deliver to the list address (ie, Mailman) if the sender has
been authenticated (eg, with TLS).
Or to use digital signatures for sender verification. This is not
Hien HUYNH HUU writes:
>I recognize that mailman can accept a fake sender . Example, I
>have a maillist with only an email account (x...@abc.com) can
>send messages to all emails in the list. But , if someone can
>send a fake "From address" is x...@abc.com, mailman will deliver
Dear all,
I recognize that mailman can accept a fake sender . Example, I have a
maillist with only an email account (x...@abc.com) can send messages to all
emails in the list. But , if someone can send a fake "From address" is
x...@abc.com, mailman will delivery messages to the list . This is
17 matches
Mail list logo