All messages to be sent are stored in a "to be moderated" area, and either must be approved from the web interface, or by a list moderator, who receives a request-to-approve email
message from Lyris for every posting. The message that the moderator sends back to Lyris must contain both the "message number" to approve the specific message, as well as the password which
corresponds to that person's From: address.
This is a fairly secure method of protecting your mailing list. The main way that a malicious person could break through this protection would be to have a "TCP/IP packet sniffer" on your TCP/IP
connection (perhaps in your office network) and try to see the password that you have. Then, the person could theoretically use your password to approve future messages.
If you are concerned about this type of security attack, you can take some simple steps to prevent it. First, set your list up to not send moderator notification messages (no member set to "receive
moderation notifications"). Then, when a message needs to be approved, use the Lyris web interface to approve it. For additional security, use a web server that supports Secure-HTTP, so that the
Lyris web interface communication is entirely encrypted, and cannot be "sniffed".