Skip to Content.
Sympa Menu

en - Re: [sympa-users] Restriction of sending by IP Address

Subject: The mailing list for listmasters using Sympa

List archive

Re: [sympa-users] Restriction of sending by IP Address

Chronological Thread  
    < Chronological >       < Thread >
  • From: John Dalbec <address@concealed>
  • To: Joe Gilbert <address@concealed>
  • Cc: "'Olivier Salaun - CRU'" <address@concealed>, address@concealed
  • Subject: Re: [sympa-users] Restriction of sending by IP Address
  • Date: Fri, 18 Jul 2003 09:07:18 -0400
Joe Gilbert wrote:
I am doing everything through the command line. I have not even looked
at wwsympa.cgi. So, I would create my own scenario right? Is the below
rule the only one I need? Would I subsitute cru.fr in for whatever
domain I was concerned with? What do you mean it would only make sense
when evaluated through the web context?

I think Olivier means that the scenario only works when someone is accessing the WWSympa interface. I don't think it will work to lock down e-mails by IP address. Would it be possible for you to filter the e-mails through your MTA?

I plan to have the user send the email through smtp to
<mylist>@hostname. I do need to lock it down because it is supposed to
be a fairly user-friendly setup where the people sending mail do not
have to do anything special but it would be too easy for someone to
maliciously spoof a sending address.

If you're worried about someone sending the email from outside your company, wouldn't your firewall stop that? If you're worried about someone sending the email from inside your company, you might consider requesting a policy making that a firing offense. Even if Sympa can't filter the e-mail, you should be able to track down who sent it from the Received: headers.
John

Thank you for the quick response. Sympa seems to be very effective in
my testing and I am sure I will recommend it to other clients beyond my
current project.

Joe Gilbert

-----Original Message-----
From: Olivier Salaun - CRU [mailto:address@concealed] Sent: Friday, July 18, 2003 5:41 AM
To: Joe Gilbert
Cc: address@concealed
Subject: Re: [sympa-users] Restriction of sending by IP Address


Yes you can. Of course it only make sense when the scenario in evaluated

in a web context. You have 2 variables available : remote_addr and remote_host
(I just realize it's not documented)

Here is a sample scenario rule :
match ([remote_host],/'cru.fr'$/) md5,smime -> do_it

Joe Gilbert wrote:


I am wondering how to write a scenario that allows me to restrict sending based on a list of domain names or IP address. Has anyone done

this and gotten it working?







Archive powered by MHonArc 2.6.19+.

Top of Page