Replace With

(optional) Replace any matched text with this text.

This option is extremely useful for announcement lists, because it can be used to provide transparent posting security: only you are allowed to send to your mailing list, with 100% security, no one else is able to, and you do not have to do anything special once it is set up.

For example, you can create an action phrase which refuses any postings that do not have your signature line in them, and which changes your signature in a subtle way, perhaps changing a comma to a semicolon, so that the phrase which allows posts is no longer present in the posted message.

Or, if you are using a particular version of a mail program which adds its own header to every message (example: "X-Mailer: MS Mail 3.412"), you can set your list up to refuse any message that doesn't have that particular characteristic. Another use is to require a certain password to be included in every posting, so that all postings without that password are rejected.

If you do not use the "Replace With" feature, then the key phrase which allowed the message to go through is visible in your postings. Thus, it is possible that someone would take your example message, change a few things, and attempt to forge the message as if it came from you. Because the key phrase is visible in the posted message, someone can exploit this. This is unlikely, but it is possible. There are some malfunctioning mail server programs which take locally undeliverable mail and return it in such a way that it looks exactly like the original post. Lyris almost always catches this problem (because the returned messages have headers in them that Lyris added to catch this), but the same technique is possible by someone who is dishonest.

The "Replace With" feature allows you to change (or erase) the key phrase which allowed your message to be posted. Say, for example, that you set your action phrase to refuse all postings which do not contain "X-Mailer: MS Mail 3.412" in their header. Messages that are accepted should change this key phrase to have a slight difference, say: "X-Mailer: MS Mail 3.413". There is no way for others to know that the "2" changed to a "3", and hence no way for them to bypass your security.

Other headers can be used as well. For example, have the action phrase be a particular "Received" header, which indicates where the message came from. Set your action phrase to look for a Received: header that only your internal network would generate and to refuse messages which do not have this Received: line, and then slightly alter the Received: line so that others do not know what the key is to get in.

This feature can also be used to implement password-based posting, which means that any contribution which does not have the posting password is refused. For example, set your action phrase to refuse any posting which does not contain the phrase "open sesame", then set the action phrase to Replace With a space (" "), thus erasing the password.
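
The following is an added example, not Lyris code: a small Python simulation of a "refuse unless the key phrase is present, then Replace With" rule, showing that a resubmitted copy of a distributed message is refused. The class and function names are hypothetical, exact-match comparison is an assumption, and the sample messages are constructed from the X-Mailer and "open sesame" illustrations above.

```python
# Added illustration: simulates "refuse unless key phrase, then Replace With".
# Not Lyris code; PostingGate, process and demo are hypothetical names.

class PostingGate:
    def __init__(self, key_phrase, replace_with):
        # If the replacement still contains the key, every distributed copy
        # would carry a working key, so reject that configuration outright.
        if not key_phrase or key_phrase in replace_with:
            raise ValueError("replacement must not contain the key phrase")
        self.key_phrase = key_phrase
        self.replace_with = replace_with

    def process(self, raw_message):
        """Return the text to distribute, or None if the post is refused."""
        if self.key_phrase not in raw_message:  # assumption: exact match
            return None
        outgoing = raw_message.replace(self.key_phrase, self.replace_with)
        # Fail closed if the substitution happened to re-form the key phrase.
        if self.key_phrase in outgoing:
            return None
        return outgoing


# Constructed sample messages based on the page's two illustrations.
OWNER_POST = (
    "From: owner@example.com\n"
    "X-Mailer: MS Mail 3.412\n"
    "Subject: Release notes\n"
    "\n"
    "Version 2 ships Monday.\n"
)
PASSWORD_POST = "Subject: Notice\n\nopen sesame Office closed Friday.\n"


def demo():
    header_gate = PostingGate("X-Mailer: MS Mail 3.412", "X-Mailer: MS Mail 3.413")
    distributed = header_gate.process(OWNER_POST)
    # Someone who edits and resubmits the distributed copy is refused,
    # because that copy carries 3.413 rather than the key phrase.
    replay = header_gate.process(distributed.replace("Monday", "never"))

    password_gate = PostingGate("open sesame", " ")
    cleaned = password_gate.process(PASSWORD_POST)
    return distributed, replay, cleaned


if __name__ == "__main__":
    for item in demo():
        print(repr(item))
```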
