Mercurial > hg > mlmmj
annotate README.access @ 790:e05f92db6857 BRANCH_1_2_17
Added tag RELEASE_1_2_17_1 for changeset dc0f9614c839
| author | Ben Schmidt |
|---|---|
| date | Sun, 21 Nov 2010 01:00:59 +1100 |
| parents | 7e1127e22936 |
| children | 30e6e309891d |
| rev | line source |
|---|---|
| 387 | 1 README.access present in mlmmj versions >= 0.8.0 |
| 2 (moderate tag since 1.1.0-RC3) | |
| 256 | 3 Access control in mlmmj |
| 4 ======================= | |
| 5 | |
| 6 If the file listdir/control/access is present, access control is enabled. | |
| 7 | |
| 8 NOTE: the default action is to deny access (reject the mail), so an empty | |
| 261 | 9 access control file will cause mlmmj to reject all posts, whereas a non- |
| 10 existant file will change nothing, and mlmmj will behave as usual. | |
| 256 | 11 |
| 12 Each header in the mail is tested against each rule, rule by rule. That is, | |
| 13 all headers are first tested against the first rule, then all headers are | |
| 14 tested against the second rule, and so on. | |
| 15 | |
|
640
3770bb64ea17
Added support for 'discard' keyword in access rules (Sascha Sommer)
mortenp
parents:
387
diff
changeset
|
16 The first rule to match a header decides which action to take - allow, deny, |
|
3770bb64ea17
Added support for 'discard' keyword in access rules (Sascha Sommer)
mortenp
parents:
387
diff
changeset
|
17 discard or moderate the post. |
| 256 | 18 |
| 19 The syntax is quite simple: action[ [!]regexp] | |
|
640
3770bb64ea17
Added support for 'discard' keyword in access rules (Sascha Sommer)
mortenp
parents:
387
diff
changeset
|
20 - "Action" can be "allow", "deny", "discard" or "moderate". |
| 256 | 21 - The optional "!" makes the rule a match, if NO header matches the regular |
| 22 expression. | |
| 23 - "Regexp" is a POSIX.2 extended regular expression. Matching is done case | |
| 24 insensitive. | |
| 25 | |
|
717
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
26 The action "allow" will pass the mail on to the next step in processing. The |
|
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
27 mail may still be held for moderation, if it would have been so without access |
|
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
28 rules. |
|
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
29 |
|
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
30 The action "deny" will not send the mail to the mailing list, but will send a |
|
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
31 rejection mail to the sender. |
|
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
32 |
|
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
33 The action "discard" will not send the mail to the list, and will not send a |
|
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
34 rejection mail. |
|
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
35 |
|
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
36 The action "moderate" will hold the mail for moderation. |
|
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
37 |
| 387 | 38 IMPORTANT: if "moderate" is used then don't forget to add people who should |
| 39 function as moderators in listdir/control/moderators | |
| 256 | 40 |
|
717
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
41 |
|
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
42 The flow out of the access system is like this: |
|
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
43 |
|
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
44 | |
|
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
45 v |
|
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
46 +--------+ deny +--------+ discard +---------+ |
|
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
47 | reject |<-------| access |---------->| discard | |
|
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
48 +--------+ +--------+ +---------+ |
|
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
49 allow | | moderate |
|
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
50 | +-----------+ |
|
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
51 v v |
|
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
52 +------------+ +------+ |
|
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
53 | moderation |--->| hold | |
|
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
54 +------------+ +------+ |
|
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
55 | | |
|
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
56 v | |
|
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
57 +------+ | |
|
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
58 | send |<---------+ |
|
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
59 +------+ |
|
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
60 |
|
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
61 |
| 256 | 62 First a simple example. This rule set will reject any mail that is NOT plain |
| 63 text, or has a subject that contains "BayStar", and allow anything else: | |
| 64 | |
| 387 | 65 deny !^Content-Type: text/plain |
| 66 deny ^Subject:.*BayStar | |
| 67 allow | |
| 256 | 68 |
| 387 | 69 To allow only text mails, but have the moderators moderate every html mail one |
| 70 would use this: | |
| 71 | |
| 72 allow ^Content-Type: text/plain | |
| 73 moderate ^Content-Type: text/html | |
| 74 deny | |
| 256 | 75 |
| 76 Now on to a more advanced example. Morten can post anything, Mads Martin can | |
| 77 post if the subject does not contain "SCO". Everything else is denied: | |
| 78 | |
| 387 | 79 allow ^From: Morten |
| 80 deny ^Subject:.*SCO | |
| 81 allow ^From: Mads Martin | |
| 82 deny | |
| 256 | 83 |
| 84 The last rule (deny) can be left out, as deny is the default action. | |
| 85 | |
| 86 A third example. Deny any mails with "discount", "weightloss", or "bonus" in | |
| 87 the subject. Allow PGP signed and plain text mails. Anything else is denied: | |
| 88 | |
| 387 | 89 deny ^Subject:.*discount |
| 90 deny ^Subject:.*weightloss | |
| 91 deny ^Subject:.*bonus | |
| 92 allow ^Content-Type: multipart/signed | |
| 93 allow ^Content-Type: text/plain | |
| 94 |