OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Vincent Danen (vdanenmandrakesoft.com)
Date: Fri Feb 01 2002 - 21:56:25 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    Just asking for opinions here. A few people were somewhat annoyed
    with the list not being an "open list" (ie. anyone can send to the
    list). The list is currently subscriber-only and posts to the list
    from non-subscribers need to be approved by myself.

    Unfortunately, each of the mandrakesecure.net lists have received
    numerous pieces of spam since they came online. Fortunately, the list
    was subscriber-only so I could reject the posts.

    However, the problem is that sometimes posts are delayed because I
    have to manually approve them. So now I've come up with another idea
    that I wanted to bounce off of those on the list.

    Some of you may have read my article on TMDA posted on MandrakeSecure
    in December, describing it as a really good anti-SPAM solution. I've
    been using it for quite a while and it works awesome. I also think I
    can plug it into ezmlm so that people posting to the list would have
    to confirm their message prior to it being accepted by the list; the
    premise being, of course, that spammers never respond to their
    messages.

    The drawback is that non-subscribers are asked to confirm their
    message prior to posting, which results in delays. The benefit is
    that these delays are shorter than if I approved the message
    manually. Also, once confirmed, the sender would go into a permanent
    whitelist and subsequent posts would not require confirmation. New
    subscribers would have to go through the process once and never
    again. Existing memberlists would get piped into the whitelist so
    current subscribers will never have to confirm a message.

    WDYT? I'm thinking of implementing this using a shared whitelist for
    all mandrakesecure.net mailing lists. Ie. if you post to discuss and
    confirm your message once, you can post to qmail or snf and never
    have to see another confirmation message.

    I'd like to know if you guys think this is a good or bad idea, or if
    you couldn't care less either way. =) Thanks! 

    -- 
MandrakeSoft Security, OpenPGP key available on www.keyserver.net
1024D/FE6F2AFD   88D8 0D23 8D4B 3407 5BD7  66F9 2043 D0E5 FE6F 2AFD

    Current Linux kernel 2.4.8-34.1mdk uptime: 10 days 1 hour 37 minutes.

    -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org

    iD8DBQE8W2NpIEPQ5f5vKv0RAgilAJ9d5YRcX4wAol0H8kkDWGESgdIC3gCfb8VA SL3wTy5Tx5UM4QvL7bmc3SA= =GJrI -----END PGP SIGNATURE-----