Lyris User's Guide
[previous] [next] [contents]
Overview of Lyris Posting Security
Table of Contents
Lyris Email Commands
Web Interface for Users
Server Administrator
Site Administrator
List Administrator
Other Topics
Security Considerations
Security Issues Relating to Members
Access to the list archives
Access to the list of members
Access to Subscribe to the Mailing List
Steps to restrict false impersonations
Security Features for Posting Messages
Access to unsubscribe and change settings
Visibility of the existence of the mailing list
Web Interface Access
Overview of Lyris Posting Security
Security Considerations of the From: field
Security Recommendations for Announcement lists
How Lyris Determines the Identity of the Person Posting
Lyris Mail Merge
The Lyris command line
Modifying lyris.plc
Add-On Packages
Installing and Upgrading
Frequently Asked Questions

Overview of Lyris Posting Security

This document covers the various techniques for implementing posting security with Lyris: that is, only letting the messages through to your list that you want distributed.

Available posting security methods

Here is a list of all the different posting security techniques available in Lyris. You can one technique, or many, to achieve the combination of security and ease of use that you desire.

This document is intended as an overview. A more complete listing of every security feature for posting is available at the section titled Security Features for Posting Messages .

1) Only members that are list administrators can post. Messages from others are automatically rejected. See Admin Send.

2) all messages are moderated: all messages to be sent are stored in a "to be moderated" area, and either must be approved from the web interface, or by a list moderator, who receives a request-to-approve email message from Lyris for every posting. See Moderated.

3) some members are moderated: set your list to "number moderated" and then set your list settings to define how many approvals new members need before they can post unmoderated. You can choose to always moderate members, and then edit specific members who "number of approvals needed" is zero, so that they can post unapproved. See Moderated and Number of Approvals .

4) By default non-members cannot post to a mailing list. This can be disabled, to allow non-members to post. If new member moderating is on, the postings from the non-members are treated as new member postings, and are moderated.

5) action phrases only allow postings from certain domains -- for example, only people whose email addresses have the text "" in their From: address are allowed through. See Server Action Phrases.

6) password based posting: all postings to the mailing list must have a secret password somewhere in the message, or they are refused. The secret password is removed from the message before it is posted. There is a built-in feature to offer this feature in the List Settings (as of version 2.548) or you can use Server Action Phrases.

7) secret code posting: all postings to the mailing list must have some code in them, or they are otherwise refused. For example, if your email program automatically puts a X-Organization: header in all the messages you send out, you could refuse all messages that do not have this header in them. For added security, you can have Lyris change this matched text to something else, for instance changing: "Organization: Shelby Group Ltd." to "Organization: Shelby Group" (ie: removing the "Ltd."). See Server Action Phrases.

8) disallow email posting entirely, and require all postings to be contributed through the web interface. See Reject Email Submissions.

9) Ban certain members or groups of members (ie: names or domains) from joining or posting to the mailing list.

Other pages which link to this page:
  • Security Issues Relating to Members
  • Page 395 of 556