Sign In | Sign Out | Subscribe to Mailing Lists | Unsubscribe or Change Settings | Help |
smoe.org mailing lists
= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = configset GLOBAL access_rules <<TAG [VALUE LINES] TAG - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - configset listname access_rules <<TAG [VALUE LINES] TAG - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Default Value : no default Data Type : access_rules Category : access moderate Password Notes: Visible only with password. = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = EXAMPLE: configset GLOBAL access_rules << ENDTAG show,which,who deny, replyfile=NoShowWhichWho ALL access deny /msn/i OR /hotbot/i ENDTAG The access_rules setting controls who is permitted to use Majordomo commands or to post messages to a mailing list. Each rule consists of three or more lines. The first line is one or more Majordomo commands, separated by commas. The second line is one or more actions to take, separated by commas. The third and succeeding lines specify the conditions under which the rule is used. Blank lines are used to separate individual rules from one another. The access_rules setting is a powerful feature that can be used for fine-grained control of specific Majordomo commands. In many cases, more convenient configuration settings, such as the subscribe_policy setting, are available to control access to common commands. The access_rules setting will override any of these other settings. The commands, actions, and conditions are described in detail in the following sections of this document. Commands Access rules for the GLOBAL pseudo-list do not apply to regular mailing lists; they primarily apply to commands that are not list-specific. The following table illustrates which access rules and other settings apply to which commands: Command Which rules apply Other settings for this command --------------------------------------------------------------------- accept none none access GLOBAL block_headers advertise list-specific** advertise, noadvertise alias GLOBAL none announce list-specific* none approve none none archive list-specific archive_access changeaddr GLOBAL none configdef none none configset none none configshow none none createlist GLOBAL none default none none digest list-specific none end none none faq list-specific* faq_access get list-specific* get_access help GLOBAL none index list-specific* index_access info list-specific* info_access intro list-specific* intro_access lists GLOBAL** advertise, noadvertise owner list-specific* none password GLOBAL none post list-specific moderate, restrict_post, etc. put list-specific* none register GLOBAL none reject none none rekey GLOBAL none sessioninfo none none set list-specific* set_policy show GLOBAL none showtokens list-specific* none subscribe list-specific* subscribe_policy tokeninfo list-specific* none trigger none none unalias GLOBAL none unregister GLOBAL none unsubscribe list-specific* unsubscribe_policy which list-specific which_access who list-specific* who_access --------------------------------------------------------------------- * Some list-specific commands can be affected by GLOBAL access rules. For example, a GLOBAL access rule for the set command would affect the "set ALL" command, which allows the settings for multiple list subscriptions to be changed at once. Please refer to the help file for each command for more details on the exceptions. ** List-specific rules for the lists command should use the word "advertise" instead of the word "lists" on the first line of each rule. The table lists several commands for which the access rules have no effect. There are basically two cases in which this is true. For some administrative commands (configdef, configset, configshow), an administrative password is always required. For other commands, no password is ever needed: for example, to use the tokeninfo or sessioninfo command, it is only necessary to know the token or session number. In general, any command that is issued with a valid administrative password will succeed immediately, and the access_rules setting will have no effect. There are two exceptions to this rule for commands that are affected by the access rules: if the access_password_override setting is turned off, or if the "rule" command mode is used. For example, the following command: subscribe-rule LISTNAME would be subject to the access rules for the LISTNAME mailing list, regardless of whether an administrative password is used. It is possible to use comments before, between, and after the individual rules, but not within rules. Comments are lines that begin with a '#'. Any access rule which refers to an auxiliary list will cause it to be created automatically. See "help auxiliary_list" for an introduction to auxiliary lists. Actions The following table summarizes every action that can be used on the second line of an access rule. The first rule that matches the command and conditions and that contains a "terminal" action will cause all succeeding rules to be ignored. Action Terminal? Default Reply File ------------------------------------------------------------------- allow yes none confirm yes repl_confirm confirm2 yes repl_confirm2* confirm_consult yes repl_confcons consult yes repl_consult or ack_stall default yes none delay yes repl_delay or ack_delay deny yes repl_deny or ack_denial forward yes repl_forward mailfile no none notify no none replyfile no none set no none unset no none ------------------------------------------------------------------- * If the victim's password is supplied, and only one confirmation step is required, the repl_confirm_req reply file will be used by default. The default reply file is used to display the result of a command. The ack_delay, ack_denial, and ack_stall files are only used in response to posted messages. See "help reply_files" and the Reply Files section of this document for more information. In the descriptions of each action that follow, the "victim" is the address of the person affected by a command, and the "requester" is the address of the person who issued the command. For example, if jane@example.net issues the following command: subscribe LISTNAME ruth@example.com the requester is jane@example.net, and the victim is ruth@example.com. In many cases, the requester and the victim will be identical. Each action can optionally be customized by following its name with an equals sign and one or more parameters, separated by commas. The purpose of the parameters varies from action to action. allow ----- The allow action causes the command to succeed immediately. The allow action takes one parameter, a number, for example: allow=3 The default value of this parameter is 1. Using a higher number can influence the result of the which and who commands. See the Illustrative Examples section of this document for more details. The "default" action for the post command includes checks that prevent large messages and mail loops from appearing on the list. Use the allow action with caution in rules for the post command, because these checks will be bypassed. confirm ------- The confirm action causes a confirmation notice to be mailed to the address of the victim. The confirm action takes one parameter, the name of the file that is mailed to the victim. The default value is "confirm". confirm2 -------- The confirm2 action depends upon the identities of the requester and the victim, according to the following three rules: * If requester and victim are identical, send a confirmation message to the victim. * If requester and victim are different, but the victim's password was supplied, confirm with the requester. The confirmation message will state that the command was requested by the victim. * Otherwise, send a confirmation message to the victim, and if the victim confirms the command, send a confirmation message to the requester. The confirm2 action takes up to two parameters: The first parameter is the name of the file sent to the victim. The default value is "confirm". The second parameter is the name of the file sent to the requester. The default value is "confirm". This is the default action for the changeaddr command, but it may also be used for other commands where the user and victim are different. confirm_consult --------------- The confirm_consult action causes a confirmation message to be sent to the victim. If the victim approves the message, a confirmation message is sent to the moderators of the list. The confirm_consult action takes up to four parameters: The first parameter is the name of the file sent to the victim. The default value is "confirm". The second parameter is the name of the file sent to the moderators. The default value is "consult". The third parameter is the name of an auxiliary list which contains the addresses of the moderators. The default value is "moderators". If the auxiliary list does not contain any addresses, the moderators, and whoami_owner configuration settings are examined until a valid address is found. The fourth parameter is the number of moderator approvals required. The default value is 1. consult ------- The consult action causes a confirmation notice to be sent to a group of moderators. The consult action takes up to four parameters. The first parameter is the name of the file sent to the moderators. The default value is "consult". The second parameter is the number of approvals required to confirm the command. The default value is 1. The third parameter is the name of an auxiliary list which contains the addresses of the moderators. The default value is "moderators". If the auxiliary list does not contain any addresses, the moderators, and whoami_owner configuration settings are examined until a valid address is found. The fourth parameter is the size of the pool of moderators who receive the confirmation message. If this number is smaller than the total number of moderators and greater than zero, the moderators who receive the confirmation are chosen randomly. If this number is 0, all of the moderators receive the confirmation message. If this number is -1, the pool size is taken from the moderator_group configuration setting. The default value is -1. default ------- The default action causes all succeeding access rules to be ignored. The default result for the command is used; see "help access_variables" for a description of the default actions for each command. The default action takes no parameters. delay ----- The delay action causes a command to be postponed until a later time. The delay action takes up to two parameters: The first parameter is the name of the file that is sent to the victim. The default value is "delay". The second parameter is the amount of time to delay the command. See the "Time Period" section of "help times" for the time specification format. The default value is 0. The access rules have both a delay action and a delay variable. See "help access_variables" for a description of the delay variable. See "help delay" for an explanation of how delayed commands are completed. deny ---- The deny action causes the command to be discarded. The deny action takes one parameter, the name of the reply file to be sent to the requester. The default value is "ack_denial" for posted messages and "repl_deny" for all other commands. forward ------- The forward action causes the command or posted message to be mailed to another address. The forward action takes one parameter, the address to which the command is forwarded. The default value is the address in the whoami_owner configuration setting. mailfile -------- The mailfile action causes a file to be mailed to the address of the victim. This file is sent in addition to any reply message that would ordinarily be sent to the requester. The mailfile action takes one parameter, the name of the file to mail. The default is a "file not found" error message. notify ------ The notify action allows fine-grained control of the attributes of a confirmation notice for the confirm, confirm2, confirm_consult, and consult actions. Up to four notify actions can be used by one rule. The notify action takes one or more parameters of the form variable=value The supported "notify variables" are documented in the "help access_variables" document. reason ------ The reason action allows additional information to be included in the reply message that is sent to the requester. The collection of reasons is made available in the $REASONS keyword substitution in the reply file. Reasons are also displayed in confirmation messages. The reason action takes one parameter, a brief, free text message. The default value is empty. reply ----- The reply action replaces the text of the default reply file that is sent to the requester with a brief message. The reply action takes one parameter, a brief, free text message. The default value is empty. replyfile --------- The replyfile action replaces the name of the default reply file that is sent to the requester. The replyfile action takes one parameter, a file name. The default value is "file_not_found". set --- The set action changes the value of an access variable. See "help access_variables" for a list of the variables that are supported. The set action takes one parameter, of the following form: variable=value If only the variable name is used, the variable is set to the value 1. unset ----- The set action resets the value of an access variable. See "help access_variables" for a list of the variables that are supported. The set action takes one parameter, the name of an access variable. The variable is set to 0 (for boolean, numeric, and timespan variables) or the empty string (for string variables). Conditions An access rule will only be applicable to a particular command if the rule's conditions match the characteristics of the command. If no rules match, the "default" action is taken, which results in a reasonable emulation of the Majordomo 1 behavior using who_access, moderate, restrict_post, and other configuration settings. The default actions for all requests are listed below. Several special features are supported by the condition syntax: Logical ------- AND, && - the conditions on both sides must be true OR, || - any one or both of the conditions must be true. NOT, ! - the following condition must be false Grouping -------- (, ) - parentheses may be used to enclose groups of conditions. Address match ------------- /expression/ - true if the e-mail address of the victim matches the regular expression. See "help patterns" for an introduction to regular expressions. Membership check ---------------- @MAIN - true if the victim is a subscriber to the mailing list. ('@' can be used as an abbreviation for '@MAIN'.) @SUBLIST - true if the victim is a member of the SUBLIST auxiliary list. (See "help auxiliary_list" for an introduction to sublists.) @LIST:SUBLIST - true if the victim is a member of the SUBLIST auxiliary list of the LIST mailing list. Comparisons ----------- $variable is true if the supplied variable has a true value. True values are neither 0 nor a zero-length string. $variable = STRING is true if the variable equals the given string of characters. $variable != STRING is true if the variable does not equal the given string of characters. $variable =~ /PATTERN/ is true if the variable matches the given pattern. $variable !~ /PATTERN/ is true if the variable does not match the given pattern. $variable < NUMBER is true if the variable is less than the given number. $variable <= NUMBER is true if the variable is less than or equal to the given number. $variable > NUMBER is true if the variable is greater than the given number. $variable >= NUMBER is true if the variable is greater than or equal to the given number. $variable == NUMBER is true if the variable is equal to the given number. $variable <> NUMBER is true if the variable is not equal to the given number. ALL is always true. See "help access_variables" for a list of the variables that can be used in comparisons. Time constraints ---------------- *time* - true if the current time matches the time specification between the asterisks. See the "Scheduled times" section of the "help times" document for a description of the syntax. Reply Messages Reply messages indicating the result of a command or posted message are not always sent to the requester. A reply will not be sent under the following circumstances: * A posted message requires confirmation, is delayed, or is forwarded, and the "ackstall" flag is not set for the author of the message. * A posted message is denied and the "ackdeny" flag is not set for the author of the message. * A posted message is allowed and the "ackpost" flag is not set for the author of the message. See "help set" and "help configset_nonmember_flags" for more information about the acknowledgement flags. In messages returned by the mailfile, reply, and replyfile actions, the standard substitution variables plus CMDLINE, FULFILL, NOTIFY, REASONS, REQUESTER, and VICTIM are supported. See "help variables" for a description of each variable. The syntax for specifying file names with access variables is different from the put and get commands. If a file name is specified without a leading '/', the slash is automatically prefixed. In other words,"consult" and "/consult" are identical. This is also true for the "file" and "chainfile" notify variables. The actions reply=NONE and replyfile=NONE will override the "ackstall" or "ackdeny" flag and prevent a reply message from being sent if a posted message is delayed, denied, forwarded, or requires confirmation. Default Actions If no access rules with terminal actions (other than the "default" action) apply to a command or posted message, Majordomo will apply the default action for the command, as described by the following table: Command Default action -------------------------------- access special advertise special alias confirm announce deny archive access changeaddr confirm2 createlist deny digest deny faq access get access help allow index access info access intro access lists allow password confirm post special put deny register confirm rekey deny report deny request_response allow set policy show mismatch showtokens deny subscribe policy tokeninfo allow unalias confirm unregister confirm unsubscribe policy which access who access In addition to the actions already described, the default actions include the following possibilities: access Default access is determined by a configuration setting. For example, the "which" command is controlled by the "which_access" setting. mismatch The command will succeed unless the requester and victim do not match, or if someone is posing using the "default user" command. See "help default" for more information. policy Default access is determined by a configuration setting. For example, the "subscribe" command is controlled by the "subscribe_policy" setting. special Default access is determined by a variety of configuration settings. The "special" default access for the lists ("advertise") command is determined by the advertise and noadvertise configuration settings. See "help configset_advertise" and "help configset_noadvertise" for more details. The "special" default access for the post command causes several configuration settings, including the moderate, restrict_post, taboo_body, and taboo_headers settings, to be examined. See "help admin_moderate" for more details. Illustrative Examples Moderate posts from non-subscribers ----------------------------------- post consult, reason="A message was posted by a non-subscriber" !@MAIN The "!@MAIN" condition matches any address in the "From" header of a message that is not subscribed to your mailing list. Customize the reply message for admin and taboo violations ---------------------------------------------------------- If a message violates the checks in the admin_body or admin_headers setting, the "admin" access variable will be set. The same applies to the "taboo" access variable and the taboo_body and taboo_headers settings. The following rule customizes the reply file that is sent when a message violates any of these settings. post deny, replyfile=SacredWordsUsed $admin OR $taboo The "SacredWordsUsed" file should already exist in the file space of your mailing list. See "help admin_documents" and "help put" for more information about the file space. Moderate new subscribers ------------------------ The following rule would cause posted messages from people who have been subscribed less than 14 days to be moderated. The days_since_subscribe access variable will be set to -1 for non-subscribers; only subscribers will have a value of 0 or greater. post consult, reason="New subscribers are moderated" $days_since_subscribe >= 0 AND $days_since_subscribe < 14 Confirm "mismatched" subscriptions with both addresses ------------------------------------------------------ Usually, a subscribe command with a requester and victim that vary will require the approval of the moderators of a mailing list. The following rule causes a confirmation message to be sent to the requester and victim at the same time. subscribe confirm2, chain=0 $mismatch Ban posted messages from abusers -------------------------------- The addresses of abusers can be stored in an auxiliary list using the subscribe command. The name of the auxiliary list is arbitrary. post deny, reason="Messages posted from this address are banned" @banned To receive a brief notice when posted messages are denied, you may need to adjust the inform configuration setting. See "help configset_inform" for more details. Allow posted messages from a small group ---------------------------------------- The following two rules would allow all members of the heroes auxiliary list to post without interference, while everyone else is moderated. post default @heroes post consult, reason="The mailing list is moderated" ALL Using the "default" action instead of the "allow" action for members of the heroes sublist will keep duplicate message checks, size limits, and other protective measures intact. Mail a questionnaire to prospective subscribers ----------------------------------------------- The questionnaire file should already be present in your list's file space before you add this rule. The name of the file is arbitrary. subscribe mailfile="/questions", reply="A questionnaire is being mailed to you." !@MAIN Mail a questionnaire to prospective subscribers after confirmation ------------------------------------------------------------------ Consider the following scenario: a subscription to a mailing list requires the confirmation of both the victim and the moderators of the list. After the victim confirms the subscription, a questionnaire is mailed to the victim. The moderators will approve the subscription only when the completed questionnaire is mailed to them. The following access rule will make this possible: subscribe confirm_consult, notify, notify=(fulfill=1,expire=0,chainfile=more_info,file=questions,group=victim), notify ALL This rule uses three "notify" actions to modify the behavior of the confirm_consult action. Normally, the confirm_consult action would cause two confirmation notices to be sent: the "confirm" notice would be sent to the victim, and the "consult" notice would be sent to the moderators after the victim confirms the first notice. Using three notices causes both the second notice and the third notice to have the characteristics of a "consult" notice by default. The first notify action has no customizations. This causes the default "confirm" confirmation message to be sent to the victim. The second notify action modifies a "consult" action with several customizations: * The "group=victim" customization causes the notice to be sent to the victim instead of the moderators. * The "chainfile=more_info" customization causes the "more_info" reply file to be sent to the person who confirmed the first confirmation message. * The "file=questions" customization causes the "questions" file to be sent to the victim in a separate message. * The "fulfill" and "expire" variables cause a delay token to be created which will expire immediately. Expiring the token immediately makes it unnecessary for someone to confirm the second notice. The third notify action has no customizations. This causes the default "consult" confirmation message to be sent to the moderators of the mailing list. Prevent duplicate message checksums from being used --------------------------------------------------- Normally, a posted message with a body that matches a previously posted message will be sent to the moderators for confirmation. The following rule will turn off the body checks. post unset=dup_checksum, unset=dup_partial_checksum ALL This rule unsets the dup_checksum and dup_partial_checksum access variables. See "help configset_dup_lifetime" for an explanation of the body checks. Adjust the output of the which command -------------------------------------- Unless a site or domain administrative password is used, a maximum of 1 address will be returned for each mailing list when someone uses the which command. The following rule will change the maximum to 5 addresses. which allow=5 ALL Delay unsubscriptions --------------------- In the following example, the unsubscribe-rule command, used in conjunction with an administrative password, would cause the "expiring" file to be mailed to the victim. The victim would have four days to reject the unsubscribe command and preserve the subscription. unsubscribe delay=(expiring,4d) $master_password The master_password access variable will be set only if the unsubscribe command is issued using an administrative password. This will prevent unauthorized people from using the unsubscribe-rule command to remove other people from your mailing list. See "help admin_passwords" for an introduction to administrative passwords. See "help access_variables" for an introduction to access variables. See "help configset_access_password_override" and "help unsubscribe" for an explanation of the "rule" command mode. Delay posts to spread out the system load ----------------------------------------- The following rule would delay for four hours all messages that are posted between 8:00 and 17:59. The delay only affects posted messages that would otherwise be distributed immediately. post set=(delay=4h), reason="Daytime messages are delayed." *08-17* See "help delay" for more details on delays. See Also: help access (for the special case of granting/denying all access) help access_variables (for requests, variables, defaults) help admin_moderate help configset_access_password_override help configset_archive_access (for archive command access_rules) help configset_block_headers (for how to filter out server requests) help configset_faq_access (for faq command access_rules) help configset_get_access (for get command access_rules) help configset_index_access (for index command access_rules) help configset_info_access (for info command access_rules) help configset_intro_access (for intro command access_rules) help configset_moderate help configset_post_limits (for how to restrict posting frequency) help configset_restrict_post help configset_set_policy (for set command access_rules) help configset_subscribe_policy (for subscribe command access_rules) help configset_unsubscribe_policy (for unsubscribe command access_rules) help configset_which_access (for which command access_rules) help configset_who_access (for who command access_rules) help delay help subscribe (How to add addresses to auxiliary lists) help times (How to specify a delay) help variables (A description of keyword substitutions variables) This is the "configset_access_rules" help document for Majordomo 2, version 0.1200401130. For a list of all help documents, send the following command: help topics in the body of a message to mj2@smoe.org.
For assistance, please contact the smoe.org administrators.
Sign In | Sign Out | Subscribe to Mailing Lists | Unsubscribe or Change Settings | Help |