Hi,
is there any equivalent to "Approved" header that was present in MM2 in MM3 land? Google is not very helpful in that.
-- Sr System and DevOps Engineer SoM IRT
On Mon, Apr 9, 2018, at 3:00 PM, Dmitry Makovey wrote:
Hi,
is there any equivalent to "Approved" header that was present in MM2 in MM3 land? Google is not very helpful in that.
It does exist in Mailman 3 as a carry-over from Mailman 2, but AFAIK it is broken.
Also, I have been thinking of not having this as a feature in Mailman 3, mostly because of the issue of having shared passwords. No one should be sending out passwords anyway through plain emails anyway.
-- Abhilash Raj maxking@asynchronous.in
On 04/09/2018 03:59 PM, Abhilash Raj wrote:
On Mon, Apr 9, 2018, at 3:00 PM, Dmitry Makovey wrote:
Hi,
is there any equivalent to "Approved" header that was present in MM2 in MM3 land? Google is not very helpful in that.
It does exist in Mailman 3 as a carry-over from Mailman 2, but AFAIK it is broken.
I don't think it is broken, but it requires setting the moderator_password attribute for the list which can be set visa REST but I think not by mailmanclient.
Also, I have been thinking of not having this as a feature in Mailman 3, mostly because of the issue of having shared passwords. No one should be sending out passwords anyway through plain emails anyway.
Agreed. This is a shared password. and would be sent in plain text as a header or body line.
It would be nice though to have some feature to enable, for example, spoof proof posting to a one-way (announce only) list.
One thought on how to do this would be to have a list attribute that says posts from 'authenticated' owners and moderators can be auto approved and authentication could be by PGP signing the post. This would require Mailman to have the ability to verify a PGP signature from an owner or moderator which is not currently the case.
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
On Mon, Apr 9, 2018, at 8:59 PM, Mark Sapiro wrote:
On 04/09/2018 03:59 PM, Abhilash Raj wrote:
On Mon, Apr 9, 2018, at 3:00 PM, Dmitry Makovey wrote:
Hi,
is there any equivalent to "Approved" header that was present in MM2 in MM3 land? Google is not very helpful in that.
It does exist in Mailman 3 as a carry-over from Mailman 2, but AFAIK it is broken.
I don't think it is broken, but it requires setting the moderator_password attribute for the list which can be set visa REST but I think not by mailmanclient.
Thanks Mark for clarification.
Also, I have been thinking of not having this as a feature in Mailman 3, mostly because of the issue of having shared passwords. No one should be sending out passwords anyway through plain emails anyway.
Agreed. This is a shared password. and would be sent in plain text as a header or body line.
It would be nice though to have some feature to enable, for example, spoof proof posting to a one-way (announce only) list.
One thought on how to do this would be to have a list attribute that says posts from 'authenticated' owners and moderators can be auto approved and authentication could be by PGP signing the post. This would require Mailman to have the ability to verify a PGP signature from an owner or moderator which is not currently the case.
+1 on using PGP signatures for doing this and that is exactly what I was thinking :)
-- Abhilash Raj maxking@asynchronous.in
participants (3)
-
Abhilash Raj -
Dmitry Makovey -
Mark Sapiro