3.46. How do I validate claimed e-mail addresses?
Q: How can I configure Mailman to validate e-mail addresses that are claimed in messages sent to my list?
Any user with minimal knowledge of his MUA can configure it to claim any address they want – how can I ensure that they can't claim an address they don't actually own, which would allow them to get spam through to my list?
A: Mailman does not attempt to perform any validation of the claimed address. It will check the headers in a given order (which you can control through mm_cfg.py) to see if the claimed address is a known list member or on the white or black lists, but it doesn't attempt to do anything beyond that.
If you need strong validation, the only current solution I know of is to use a package called "mmreencrypt" and require that all your posters encrypt their messages with PGP to a public key that is registered to the mailing list. When an authenticated message is received by the system, it will re-encrypt that message to each of the registered recipients and send it out. Of course, this would require that everyone have their public key registered on the Mailman server. See http://sourceforge.net/projects/mmreencrypt/ for more information on "mmreencrypt".
The only other solution to this problem (that I know of) would be to force all messages to always be moderated, and the list moderator would then be required to take manual action to release each message to the list. See How do I spoof-proof my one-way (announcements or newsletter) list? for more on this approach.
This entry originally from the threads at http://mail.python.org/pipermail/mailman-users/2004-October/040468.html and http://mail.python.org/pipermail/mailman-users/2004-November/040655.html.
Now, for a few words on potential methods that are not currently found in the Mailman code, nor covered by known patches to Mailman.
A password scheme could potentially be implemented, but it would always be a weak authentication method. Users would put the password in their headers or as the first line in the body of their message, but these could easily be exposed by the user accidentally posting a message with the password to another list. For this reason, while other mailing list management systems might use this technique, it is not likely that this method will be adopted by Mailman.
Short of doing something like "mmreencrypt", the only other practical automatic validation method would be one based on everyone signing their messages with a public-key cryptographic scheme (such as PGP). The message itself would not be encrypted, but the signature would be. Users would not have to be concerned about passwords being exposed, nor would the mailing list management system have to decrypt all incoming messages and then re-encrypt them for each recipient (as required by "mmreencrypt"). If any additional validation/authentication method is adopted by Mailman in the near future, it is likely to be based on this type of solution.
Last changed on Fri Nov 24 19:20:21 2006 by Mark Sapiro
Converted from the Mailman FAQ Wizard
This is one of many Frequently Asked Questions.