The mailing list for listmasters using Sympa

[Steve Shipway <address@concealed>]

> On 05 May 2018 at 06:43 Mark London <address@concealed> wrote:
> Hi - I want to restrict my Sympa website,  to only people who are 
> subscribed to a private Sympa mailing list, that only the listmanager 
> controls.   In other words, I don't want anybody to access, or even 
> request access, to my site, unless their email address is in the private 
> Sympa mailing list.    Has anybody done anything like that?  Thanks. - Mark

You're going to have to let people at least log in, else Sympa won't be able 
to check their access.  So you have a few options -

* Central authentication (certificate, LDAP, SAML) managed by web server.
This lets you restrict login to only accounts that exist at webserver level.  
Then, inside Sympa, you can have various scenari set so that all lists are 
only visible to people on a certain list.

* Empty web interface
Let everyone access the Sympa website, but the visibility scenari all say 
they must be on the list.  Therefore they see nothing until they have logged 
in with a valid identity.

The second is the one we used at my last place; this allowed us to have a 
small number of public lists but most required login to access or see.

Restricting login to a mailing list is a sympa-level option, so can't be done 
in your web server.  However the webserver can restrict by other criteria, 
such as LDAP group.  So, if your special list is tied to an LDAP group then 
you could use this to restrict login at web server level, and then let sympa 
take the identity from the web server.

Steve
_____________________________________________________________________________

This email has been filtered by SMX. For more info visit http://smxemail.com
_____________________________________________________________________________