Lyris User's Guide
[previous] [next] [contents]
Action Phrase Restrictions
Table of Contents
Lyris Email Commands
Web Interface for Users
Server Administrator
Site Administrator
List Administrator
Other Topics
Security Considerations
Security Issues Relating to Members
Access to the list archives
Access to the list of members
Access to Subscribe to the Mailing List
Steps to restrict false impersonations
Security Features for Posting Messages
List admin posting
Admin Moderation
Number moderating
Allow Non-Member Posting
Action Phrase Restrictions
Password based posting
Banning members
Disallow Email Posting
Secure HTTP web interface
Lyris extensions
Confirmed subscriptions
Duplicate messages
Maximum posts per member
Maximum quoting allowed
Maximum Messages Per Day
Limit the Message Size
Reject Email Attachments
Moderator auto-approval
Command detection
Anonymous Postings
Access to unsubscribe and change settings
Visibility of the existence of the mailing list
Web Interface Access
Overview of Lyris Posting Security
Security Considerations of the From: field
Security Recommendations for Announcement lists
How Lyris Determines the Identity of the Person Posting
Lyris Mail Merge
The Lyris command line
Modifying lyris.plc
Add-On Packages
Installing and Upgrading
Frequently Asked Questions

Action Phrase Restrictions

Action Phrases are a feature in Lyris that allow you to trigger various actions based on some text appearing in a message. You can look for a trigger phrase in the body of a message, in the headers, in the Subject:, the From: etc.

Action phrases permit several kind of security restrictions to be placed on postings. For example, you can use an action phrase to refuse if a message if:
1) some particular text does not appear in a specific place in the message
2) some particular text does appear

An few example will help make this clearer.

Suppose that everyone in your company uses the Eudora Email program, which, incidentally inserts a "X-Mailer: Eudora" header in every message it sends. You can put an action phrase which automatically rejects any message not created with Eudora. Then, to hide the fact that "X-Mailer: Eudora" might be the trigger phrase, have the Lyris action phrase change the message to say "X-Mailer: Windows Eudora", so that it no longer matches.

This use of the action phrase feature allows you to reject all messages that do not have some secret phrase in them. If you want, you can create multiple action phrases to add several layers of checks. This sort of checking is very useful with announcement lists.

Action phrases also have the capability of sending a document back, so you can inform the attempted sender that their message was refused. You also have the option being notified when an action phrase triggers. This lets you monitor attempts to "hack" your system.

Another example: suppose that you maintain a mailing list to discuss Apple computers, and you are not interested in discussing Unix. You can set an action phrase to refuse any message that mentions "Unix". People often use this feature to bar inappropriate language on their discussion lists.

Action phrases are not restricted to postings. For example, they can also be put on an autoresponder. For example, you could put your price list on an autoresponder, but require a password to get it. If the password is not in the email message, the action phrase triggers, and sends a refusal message. If the password is present, the action phrase does not trigger and the price list is sent.

Some people use action phrases to disable Lyris server commands, or to be notified of things that are suspicious. For example, some mailing list owners have had their lists "hacked" when they were using other list servers, and like to be told if someone is trying to snoop through their list. Thus, they disallow the "review" command (which already does not provide the member list), and set themselves to be notified of any attempts to use this command.

Yet another use of action phrases is to only allow postings from certain domains -- for example, only people whose email addresses have the text "" in their From: address are allowed through.

Other pages which link to this page:
  • Security Features for Posting Messages
  • Page 375 of 556