Next: Restricting posts to an arbitrary set of email addresses (higher security option), Previous: Restricting posts based on MIME content-type, Up: Restricting message posting to the list
Use message moderation. As an alternative, implement a check against SENDER by using ezmlm-issubn(1). The latter is easily defeated by faking SENDER. Also, it prevents posts from legitimate subscribers that are subscribed under a different address than the one they send from. Nevertheless, it may be useful in some situations. Add:
|/usr/local/bin/ezmlm/ezmlm-issubn 'DIR' 'DIR/digest' 'DIR/allow' || { echo "Sorry, you are not allowed to post to this list."; exit 100; }
ALL ON ONE LINE to DIR/editor before the ezmlm-send(1) line. DIR is the main list directory. If your ezmlm binaries live in a different directory, change the ezmlm-issubn(1) path accordingly. If you would like denied posts to be dropped silently rather than bounced, change the exit code to 99.
See Customizing ezmlm-make operation if you want your lists to have some of these features by default or set by specific ezmlm-make(1) switches. The ezmlm-make(1) -u switch by default sets up restrictions this way.
If you do not want to allow digest subscribers to post, remove DIR/digest/ from the ezmlm-issubn command line. To allow posts from an address that is not a subscriber, simply add it to the addresses in DIR/allow/:
% ezmlm-sub DIR allow address@host
The ‘allow’ database can be manipulated remotely by sending mail to ‘list-allow-subscribe@listhost’, ‘list-allow-unsubscribe@listhost’, etc. If configured for the list, the -list command for remote administrators will work for the ‘allow’ database as well.
Please note that this setup is not secure, as it is easy to modify the envelope SENDER. For more secure options, see Restricting posts to an arbitrary set of email addresses (higher security option).