The mailing list for listmasters using Sympa

[Niklas Matthies <address@concealed>]

I missed two words below:

On Mon 2011-02-14 at 17:15h, Niklas Matthies wrote on sympa-users:
> Hello,
> 
> In the context of our situation described in the email quoted below,
> we noticed the following problem. On open lists where everyone can
> subscribe, everyone can subscribe through the web interface even
> without logging in. In our case, users tend to specify the "wrong",

...email address...

> i.e. the short one instead of the long, canonical one (see again in
> the email quoted below) when subscribing this way without having
> logged in first. Furthermore, due to the canonicalization made by the
> LDAP lookup, they are not able to login to the account of this "wrong"
> email address later on.
> 
> Therefore, is it possible in Sympa to restrict list subscription to
> logged-in users? This would prevent our users to subscribe themselves
> with the wrong email address.
> 
> -- Niklas Matthies
> 
> 
> On Mon 2010-11-08 at 16:22h, Niklas Matthies wrote on sympa-users:
> > The "bugfix"[1] from Revision 6168 breaks our use case.
> > 
> > Our users have two email addresses, a long one (e.g.
> > address@concealed) and a short one (e.g. address@concealed,
> > effectively an alias). While everyone uses the short address when
> > typing their (or other people's) email address somewhere, the long one
> > is actually the canonical address, in particular it is the address
> > automatically inserted into the From header field when users send mail
> > going outside of MS Exchange.
> > 
> > For this reason the long email address is the one to be used when
> > subscribing to a Sympa mailing list. Subscribing with the short email
> > address wouldn't work for posting to a non-public list because the
> > messages always appear to come from the long email address wouldn't be
> > matched up with the subscription.
> > 
> > We use the LDAP lookup to canonicalize the login to the long
> > (= canonical) email address so that users login to the same account
> > regardless of which email address they enter.
> > 
> > (In our auth.conf we have:
> > 
> >     get_dn_by_email_filter (|(mail=[sender])(userPrincipalName=[sender]))
> >     email_attribute        mail
> > 
> > Here "mail" is the long email address while "userPrincipalName" is the
> > short email address.)
> > 
> > The "bugfix" causes this canonicalization to not work anymore. Users
> > are now logged in to different accounts depending on whether they
> > enter their long email address or the short alias address.
> > 
> > I guess this is something that should be configurable in Sympa. (At
> > least until there is true support for Sympa accounts to have multiple
> > email addresses.)
> > 
> > -- Niklas Matthies
> > 
> > [1] [bug][Submitted by M. Warkus, univ. Marburg] When a user logged
> > in, using LDAP, by providing an email address, if this email was not
> > the first one in the LDAP email attribute, then the uiser was not
> > logged with the address she provided but with the default address
> > found in the LDAP directory. Now, if an email is provided and the
> > login is successful ,the user is logged in with the email she
> > provided.
> > 
> 


-- Niklas Matthies