The mailing list for listmasters using Sympa

["Joe Gilbert" <address@concealed>]

Well, the main reason we are implementing Sympa is for the automated
bounce handling.  If we restrict mail coming in, i.e. through a
firewall, we will not get the bounce responses.  I have already though
about using procmail for this purpose but I was hoping there was
something inherent within Sympa for it.

Joe

-----Original Message-----
From: John Dalbec [mailto:address@concealed] 
Sent: Friday, July 18, 2003 6:07 AM
To: Joe Gilbert
Cc: 'Olivier Salaun - CRU'; address@concealed
Subject: Re: [sympa-users] Restriction of sending by IP Address


Joe Gilbert wrote:
> I am doing everything through the command line.  I have not even 
> looked at wwsympa.cgi. So, I would create my own scenario right?  Is 
> the below rule the only one I need?  Would I subsitute cru.fr in for 
> whatever domain I was concerned with?  What do you mean it would only 
> make sense when evaluated through the web context?

I think Olivier means that the scenario only works when someone is 
accessing the WWSympa interface.  I don't think it will work to lock 
down e-mails by IP address.  Would it be possible for you to filter the 
e-mails through your MTA?
> 
> I plan to have the user send the email through smtp to 
> <mylist>@hostname.  I do need to lock it down because it is supposed 
> to be a fairly user-friendly setup where the people sending mail do 
> not have to do anything special but it would be too easy for someone 
> to maliciously spoof a sending address.

If you're worried about someone sending the email from outside your 
company, wouldn't your firewall stop that?  If you're worried about 
someone sending the email from inside your company, you might consider 
requesting a policy making that a firing offense.  Even if Sympa can't 
filter the e-mail, you should be able to track down who sent it from the

Received: headers.
John
> 
> Thank you for the quick response.  Sympa seems to be very effective in

> my testing and I am sure I will recommend it to other clients beyond 
> my current project.
> 
> Joe Gilbert
> 
> -----Original Message-----
> From: Olivier Salaun - CRU [mailto:address@concealed]
> Sent: Friday, July 18, 2003 5:41 AM
> To: Joe Gilbert
> Cc: address@concealed
> Subject: Re: [sympa-users] Restriction of sending by IP Address
> 
> 
> Yes you can. Of course it only make sense when the scenario in 
> evaluated
> 
> in a web context. You have 2 variables available : remote_addr and
> remote_host
> (I just realize it's not documented)
> 
> Here is a sample scenario rule :
> match ([remote_host],/'cru.fr'$/)      md5,smime  -> do_it
> 
> Joe Gilbert wrote:
> 
> 
>>I am wondering how to write a scenario that allows me to restrict
>>sending based on a list of domain names or IP address.  Has anyone
done
> 
> this and gotten it working?
> 
>> 
>>