On Tuesday 10 of November 2020 16:23:58 Michele Calgaro via tde-users wrote: > On 2020/11/10 10:46 PM, Dr. Nikolaus Klepp wrote: > > Anno domini 2020 Tue, 10 Nov 15:38:13 +0100 > > > > Slávek Banko via tde-users scripsit: > >> [...] > >> There is another possible level of defense: to set up newly > >> subscribed users not only to have to confirm their email address, but > >> also to be approved by a moderator. That could be an acceptable > >> compromise. > >> > >> What is your opinion? > > > > Would be a start. But I think the spamers will just add another > > strategy to steal the mods time and get past him. > > > > Nik > > Is there an option to allow hyperkitty web interface only for "approved" > users? This way users can still subscribe easily to ML but would not > have automatic access to the web interface. > It seems that the only way to approve a user is when subscribing to the ML. > Other idea: is it possible to force emails sent from web interface to > another server and then back to mail server for distribution to ML? this > way spam msgs should get caught by spam filters. Like having an > intermediate email address. From web interface go automatically to this > intermediate address on different server == filter out spam. Then this > server forward to ML. Or maybe have hyperkitty GUI on a separate front > end of hyperkitty backend > To be precise: Hyperkitty creates the mail and forwards it to the local mail server. Mail server performs the usual checks, including antispam / antivirus checks (using RSPAMD). But here the message gets (must get) an advantage - no checks based on the sender's IP address are applied. The message is then submited to the mailman. There, messages are created for individual recipients and forwarded back to the mail server for distribution. Again, these are locally transmitted messages. So the message actually goes through the spam filter twice, just like all other messages coming in by email. Only they have an advantage. Using some other mail server is a problem - there messages could be rejected due to (poorly designed) SPF technology. There would have to be the same exception from the tests based on the sender's IP address => again the opportunity not to get points for these tests. So it does not serve the intended purpose. > Just thwroing around loose thoughts :-) > Ideas are welcome. > Cheers > Michele Cheers -- Slávek
Attachment:
signature.asc
Description: This is a digitally signed message part.
____________________________________________________ tde-users mailing list -- users@xxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxx Web mail archive available at https://mail.trinitydesktop.org/mailman3/hyperkitty/list/users@xxxxxxxxxxxxxxxxxx
