[comp.mail.sendmail] Private Mailing Lists

hogan@csl.sri.com (Emmett Hogan) (08/21/89)

I have a curious problem which I hope someone can help me with.
I would like the ability to create "private mailing Lists,"
(i.e. lists that only the creator/owner of the list is able
to use), but since sendmail runs as root, it has access to all
files, thus if someone knows the list is there, they can use it.

I realize that I could make the list "hidden", but I would much
rather be able to make it unusable to anyone other than the owner.

I have a feeling that I am S.O.L. on this one, but I thought I
would throw it out to the net for any ideas.

Thanks in advance,
Emmett Hogan
(hogan@csl.sri.com)

karl@triceratops.cis.ohio-state.edu (Karl Kleinpaste) (08/21/89)

hogan@csl.sri.com writes:
   I would like the ability to create "private mailing Lists,"...
   I realize that I could make the list "hidden", but I would much
   rather be able to make it unusable to anyone other than the owner.

Below I offer the current state of my mailing list management scheme,
this time in its "fire extinguisher" incarnation.  This provides for
a file of unauthorized addresses, which the controlling script
recognizes and rejects.  This can be used as an example from which to
build the sort of thing you're looking for; instead of looking for
addresses which should be rejected, change the logic so that it
rejects everything unless the address is the one allowed address.
Also, the fact that one of the aliases needed in /usr/lib/aliases is
"list-name-out" can be avoided by changing the invocation of sendmail
inside the controlling script from (approximately)
	/usr/lib/sendmail list-name-out
to
	/usr/lib/sendmail `/bin/cat Aliases`
with the same effect, until & unless your Aliases file gets really,
really large.  This can make the list completely unusable to anyone
but the owner.

Kindly spare me any flames about writing scripts in csh; this is one
of my milder examples csh script usage, and is comparatively mundane
by my standards.  It works, and that's what matters.

--Karl

#! /bin/sh
# This is a shell archive, meaning:
# 1. Remove everything above the #! /bin/sh line.
# 2. Save the resulting text in a file.
# 3. Execute the file with /bin/sh (not csh) to create the files:
#	Aliases
#	Reject
#	SendScript
#	Unauthorized
#	usr-lib-aliases
# This archive created: Mon Aug 21 10:15:29 1989
# By:	Karl Kleinpaste (OSU)
export PATH; PATH=/bin:$PATH
echo shar: extracting "'Aliases'" '(59 characters)'
if test -f 'Aliases'
then
	echo shar: will not over-write existing file "'Aliases'"
else
sed 's/^X//' << \doo-wah-ditty > 'Aliases'
Xsample@address.number1.edu
Xsample!address!number2!somebody
doo-wah-ditty
if test 59 -ne "`wc -c < 'Aliases'`"
then
	echo shar: error transmitting "'Aliases'" '(should have been 59 characters)'
fi
fi # end of overwriting check
echo shar: extracting "'Reject'" '(219 characters)'
if test -f 'Reject'
then
	echo shar: will not over-write existing file "'Reject'"
else
sed 's/^X//' << \doo-wah-ditty > 'Reject'
XThe following note has been rejected by the "fire extinguisher" of the
X<list-name> mailing list.  If you wish to question the rejection,
Xplease send your note to the list maintainer.
X
X--Karl Kleinpaste
XList Maintainer
X
doo-wah-ditty
if test 219 -ne "`wc -c < 'Reject'`"
then
	echo shar: error transmitting "'Reject'" '(should have been 219 characters)'
fi
fi # end of overwriting check
echo shar: extracting "'SendScript'" '(1283 characters)'
if test -f 'SendScript'
then
	echo shar: will not over-write existing file "'SendScript'"
else
sed 's/^X//' << \doo-wah-ditty > 'SendScript'
X#!/bin/csh -f
X# CONFIG HERE.
Xset dir=/directory/used/for/list/maintenance
Xset address=list-name
Xset domain=cis.ohio-state.edu
Xset path=(/usr/local/bin /usr/ucb /bin /usr/bin)
X#
X# Prepare for cleanup
Xset tmp1=/tmp/list.1.$$
Xset tmp2=/tmp/list.2.$$
Xset tmp3=/tmp/list.3.$$
X#
X# Save the incoming mail, then find the From: line
Xcat - > $tmp1
Xgrep '^From: ' $tmp1 | head -1 | sed -e 's/^From: //' > $tmp2
X#
X# Determine if it's "name <add@ress>" or "add@ress (name)."
Xgrep -s '<' $tmp2 >& /dev/null
Xif ($status == 0) then
X	# Address contained within <>
X	sed -e 's/^.*<\(.*\)>.*$/\1/' < $tmp2 > $tmp3
Xelse
X	# Address in any other form
X	sed -e 's/(.*)//' -e 's/".*"//' -e 's/ //' < $tmp2 > $tmp3
Xendif
X#
X# Look for that address in the Unauthorized file.
Xfgrep -i -s -f $dir/Unauthorized $tmp3 >& /dev/null
Xif ($status == 0) then
X	# Reject.
X	cat $dir/Reject $tmp1 | Mail -s 'Rejected note' \
X		`cat $tmp3` $address-request@$domain
Xelse
X	# Accept.
X	cat $tmp1 | sed -e '/^Reply-To:/d' -e '/^Sender:/d' -e '/^From /d' | \
X		(echo Errors-to: $address-request@$domain; \
X		 echo Sender: $address-request@$domain; \
X		 echo Precedence: bulk; \
X			cat -) | \
X		/usr/lib/sendmail -f $address-request@$domain \
X			-F "$address Mailing List" firearms-out
Xendif
X#
X# Done.
Xrm -f $tmp1 $tmp2 $tmp3
Xexit 0
doo-wah-ditty
if test 1283 -ne "`wc -c < 'SendScript'`"
then
	echo shar: error transmitting "'SendScript'" '(should have been 1283 characters)'
fi
chmod +x 'SendScript'
fi # end of overwriting check
echo shar: extracting "'Unauthorized'" '(89 characters)'
if test -f 'Unauthorized'
then
	echo shar: will not over-write existing file "'Unauthorized'"
else
sed 's/^X//' << \doo-wah-ditty > 'Unauthorized'
Xsample-nasty-username%some.domain.com@relay.cs.net
Xsample-nasty-username@some.domain.com
doo-wah-ditty
if test 89 -ne "`wc -c < 'Unauthorized'`"
then
	echo shar: error transmitting "'Unauthorized'" '(should have been 89 characters)'
fi
fi # end of overwriting check
echo shar: extracting "'usr-lib-aliases'" '(231 characters)'
if test -f 'usr-lib-aliases'
then
	echo shar: will not over-write existing file "'usr-lib-aliases'"
else
sed 's/^X//' << \doo-wah-ditty > 'usr-lib-aliases'
Xlist-name-request:	karl
Xlist-name:		"|/directory/used/for/list/maintenance/SendScript"
Xowner-list-name:	list-name-request
Xlist-name-out:		:include:/directory/used/for/list/maintenance/Aliases
Xowner-list-name-out:	list-name-request
doo-wah-ditty
if test 231 -ne "`wc -c < 'usr-lib-aliases'`"
then
	echo shar: error transmitting "'usr-lib-aliases'" '(should have been 231 characters)'
fi
fi # end of overwriting check
#	End of shell archive
exit 0

gandalf@csli.Stanford.EDU (Juergen Wagner) (08/22/89)

Why not simply use aliases in .mailrc? You can protect your aliases file,
so nobody but the owner may use it. If you want to allow certain outside
people to use your mailing list, create an alias "private_mailing_list" for
your user name, and handle forwarding to your private mailing list with a
filter program in your .forward or directly in the aliases file.

Another question: why do you need a private mailing list?

Juergen Wagner		   			gandalf@csli.stanford.edu
						 wagner@arisia.xerox.com