Re: [cobalt-users] mailing all the siteadmins

[Jeff Lasman <jblists@xxxxxxxxxxxxx>]

"Babu P. Yogarajah" wrote:

> FOR RAQ3
> --------
> Not as a default, but you may setup a Mailing list.
> 
> The alias 'site-adm-list@xxxxxxxxxxxxxxxxxxx' is available as default.

The proper way to use this list is to send email to
"site-adm@xxxxxxxxxxxxxxxxxxxx"; then the mailing will go through
majordomo.

> But this alias is too dangerous,
> if the spammer knows this alias they could spam to all Site Admins.

The best thing to do with the default majordomo installation is to
disable it.  You can set up your own majordomo installation with a lot
more security (or we can do it for you for a fee).

Here's how to protect it (and other things):

The "main site" (machine-name) should NOT be in any DNS; address your
own machine from the outside world via IP#.  A bit of obscurity never
hurts.

Your main site should be on a virtual site.

Then all majordomo requests will have to go through /etc/virtusertable. 
Do create any lists for any virtual sites through the gui; use your own
Majordomo installation for all lists.

Block your sender targets in /etc/virtusertable something like this:

listname-send@xxxxxxxxxx	error:nouser User unknown

Then everything's got to go through your majordomo implementation, which
you can protect my moderating.

Alternatively you can also protect your listname@xxxxxxxxxx in
/etc/virtusertable the same way, but then if you want to send email from
to the list yourself, you'll have to do it directly from your RaQ, not
from outside the system at all.

I think you can use listname.config to restrict the posters to a
completely separate file from the listfile, but I'm not certain; I've
never tried it.

Jeff
-- 
Jeff Lasman <jblists@xxxxxxxxxxxxx>
nobaloney.net
P. O. Box 52672
Riverside, CA  92517
voice: (909) 787-8589  *  fax: (909) 782-0205