Overview of Lyris Posting Security
This document covers the various techniques for implementing posting security with Lyris: that is, only letting the messages through to your list that you want distributed.
Available posting security methods
Here is a list of all the different posting security techniques available in Lyris. You can one technique, or many, to achieve the combination of security and ease of use that you desire.
This document is intended as an overview. A more complete listing of every security feature for posting is available at the section titled Security Features for Posting Messages
1) Only members that are list administrators can post. Messages from others are automatically rejected. See Admin Send.
2) all messages are moderated: all messages to be sent are stored in a "to be moderated" area, and either must be approved from the web interface, or by a list moderator, who receives a
request-to-approve email message from Lyris for every posting. See Moderated.
3) some members are moderated: set your list to "number moderated" and then set your list settings to define how many approvals new members need before they can post unmoderated. You can choose to
always moderate members, and then edit specific members who "number of approvals needed" is zero, so that they can post unapproved. See Moderated and Number of Approvals
4) By default non-members cannot post to a mailing list. This can be disabled, to allow non-members to post. If new member moderating is on, the postings from the non-members are treated as new
member postings, and are moderated.
5) action phrases only allow postings from certain domains -- for example, only people whose email addresses have the text "@shelby.com" in their From: address are allowed through. See
Server Action Phrases.
6) password based posting: all postings to the mailing list must have a secret password somewhere in the message, or they are refused. The secret password is removed from the message before it is
posted. There is a built-in feature to offer this feature in the List Settings (as of version 2.548) or you can use Server Action Phrases.
7) secret code posting: all postings to the mailing list must have some code in them, or they are otherwise refused. For example, if your email program automatically puts a X-Organization: header in
all the messages you send out, you could refuse all messages that do not have this header in them. For added security, you can have Lyris change this matched text to something else, for instance
changing: "Organization: Shelby Group Ltd." to "Organization: Shelby Group" (ie: removing the "Ltd."). See Server Action Phrases.
8) disallow email posting entirely, and require all postings to be contributed through the web interface. See Reject Email Submissions.
9) Ban certain members or groups of members (ie: names or domains) from joining or posting to the mailing list.