Mercurial > hg > mlmmj
annotate README.access @ 790:e05f92db6857 BRANCH_1_2_17
Added tag RELEASE_1_2_17_1 for changeset dc0f9614c839
author | Ben Schmidt |
---|---|
date | Sun, 21 Nov 2010 01:00:59 +1100 |
parents | 7e1127e22936 |
children | 30e6e309891d |
rev | line source |
---|---|
387 | 1 README.access present in mlmmj versions >= 0.8.0 |
2 (moderate tag since 1.1.0-RC3) | |
256 | 3 Access control in mlmmj |
4 ======================= | |
5 | |
6 If the file listdir/control/access is present, access control is enabled. | |
7 | |
8 NOTE: the default action is to deny access (reject the mail), so an empty | |
261 | 9 access control file will cause mlmmj to reject all posts, whereas a non- |
10 existant file will change nothing, and mlmmj will behave as usual. | |
256 | 11 |
12 Each header in the mail is tested against each rule, rule by rule. That is, | |
13 all headers are first tested against the first rule, then all headers are | |
14 tested against the second rule, and so on. | |
15 | |
640
3770bb64ea17
Added support for 'discard' keyword in access rules (Sascha Sommer)
mortenp
parents:
387
diff
changeset
|
16 The first rule to match a header decides which action to take - allow, deny, |
3770bb64ea17
Added support for 'discard' keyword in access rules (Sascha Sommer)
mortenp
parents:
387
diff
changeset
|
17 discard or moderate the post. |
256 | 18 |
19 The syntax is quite simple: action[ [!]regexp] | |
640
3770bb64ea17
Added support for 'discard' keyword in access rules (Sascha Sommer)
mortenp
parents:
387
diff
changeset
|
20 - "Action" can be "allow", "deny", "discard" or "moderate". |
256 | 21 - The optional "!" makes the rule a match, if NO header matches the regular |
22 expression. | |
23 - "Regexp" is a POSIX.2 extended regular expression. Matching is done case | |
24 insensitive. | |
25 | |
717
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
26 The action "allow" will pass the mail on to the next step in processing. The |
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
27 mail may still be held for moderation, if it would have been so without access |
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
28 rules. |
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
29 |
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
30 The action "deny" will not send the mail to the mailing list, but will send a |
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
31 rejection mail to the sender. |
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
32 |
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
33 The action "discard" will not send the mail to the list, and will not send a |
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
34 rejection mail. |
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
35 |
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
36 The action "moderate" will hold the mail for moderation. |
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
37 |
387 | 38 IMPORTANT: if "moderate" is used then don't forget to add people who should |
39 function as moderators in listdir/control/moderators | |
256 | 40 |
717
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
41 |
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
42 The flow out of the access system is like this: |
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
43 |
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
44 | |
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
45 v |
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
46 +--------+ deny +--------+ discard +---------+ |
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
47 | reject |<-------| access |---------->| discard | |
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
48 +--------+ +--------+ +---------+ |
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
49 allow | | moderate |
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
50 | +-----------+ |
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
51 v v |
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
52 +------------+ +------+ |
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
53 | moderation |--->| hold | |
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
54 +------------+ +------+ |
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
55 | | |
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
56 v | |
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
57 +------+ | |
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
58 | send |<---------+ |
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
59 +------+ |
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
60 |
7e1127e22936
added description of the keywords, added flow graph
mortenp
parents:
640
diff
changeset
|
61 |
256 | 62 First a simple example. This rule set will reject any mail that is NOT plain |
63 text, or has a subject that contains "BayStar", and allow anything else: | |
64 | |
387 | 65 deny !^Content-Type: text/plain |
66 deny ^Subject:.*BayStar | |
67 allow | |
256 | 68 |
387 | 69 To allow only text mails, but have the moderators moderate every html mail one |
70 would use this: | |
71 | |
72 allow ^Content-Type: text/plain | |
73 moderate ^Content-Type: text/html | |
74 deny | |
256 | 75 |
76 Now on to a more advanced example. Morten can post anything, Mads Martin can | |
77 post if the subject does not contain "SCO". Everything else is denied: | |
78 | |
387 | 79 allow ^From: Morten |
80 deny ^Subject:.*SCO | |
81 allow ^From: Mads Martin | |
82 deny | |
256 | 83 |
84 The last rule (deny) can be left out, as deny is the default action. | |
85 | |
86 A third example. Deny any mails with "discount", "weightloss", or "bonus" in | |
87 the subject. Allow PGP signed and plain text mails. Anything else is denied: | |
88 | |
387 | 89 deny ^Subject:.*discount |
90 deny ^Subject:.*weightloss | |
91 deny ^Subject:.*bonus | |
92 allow ^Content-Type: multipart/signed | |
93 allow ^Content-Type: text/plain | |
94 |