Lyris User's Guide [previous] [next] [contents]

Disallow Email Posting Table of Contents · Introduction · Email Commands · Web Interface for Users · Server Administrator · Site Administrator · List Administrator · Other Topics · · Security Considerations · · Security Issues Relating to Members · · · Access to the list archives · · · Access to the list of members · · · Access to Subscribe to the Mailing List · · · Steps to restrict false impersonations · · · Security Features for Posting Messages · · · · List admin posting · · · · Admin Moderation · · · · Number moderating · · · · Allow Non-Member Posting · · · · Action Phrase Restrictions · · · · Password based posting · · · · Banning members · · · · Disallow Email Posting · · · · Secure HTTP web interface · · · · Lyris List Manager extensions · · · · Confirmed subscriptions · · · · Duplicate messages · · · · Cross-posting · · · · Maximum posts per member · · · · Maximum quoting allowed · · · · Maximum Messages Per Day · · · · Limit the Message Size · · · · Reject Email Attachments · · · · Moderator auto-approval · · · · Command detection · · · · Anonymous Postings · · · Access to unsubscribe and change settings · · · Visibility of the existence of the mailing list · · · Web Interface Access · · · Overview of Lyris List Manager Posting Security · · · Security Considerations of the From: field · · · Security Recommendations for Announcement lists · · · How Lyris List Manager Determines the Identity of the Person Posting · · Lyris List Manager Mail Merge · · The Lyris List Manager command line · · Modifying lyris.plc · Add-On Packages · Installing and Upgrading · Appendix · Frequently Asked Questions Disallow Email Posting A mailing list can be set to disallow all email posting and require all postings to be contributed through the web interface. This allows you to get rid of all the authentication issues that accompany email and is considered very secure. Some sites put the web interface on a web server behind a firewall, where no one from the outside can reach it. In addition, most web servers have password-based security access features and the entire web interface be protected with this password. Optionally, if you want outsiders to have access to the web interface, you can place a copy of the web interface program on a publicly available web server, but with features removed from it, so they cannot abuse the script, no matter what. Because the Perl source code to the web interface is included with Lyris List Manager, it is very easy to remove features such as "create a message" and "read messages" from the web interface. Some of our most security conscious customers, such as banks, use this technique.

Other pages which link to this page: Security Features for Posting Messages

Page 420 of 629