Please use PGP auth if could, though we describe header based auth here. Also please set up MTA properly e.g. to disable smtp interfaces as could as possible.
It is a problem that PGP auth requires user's skill at some level.
In the case of header based auth, you can create a mail magazine by using the asymmetirc member list. Consider asymmetric case of member list (list of persons who can post) and recipient list below.
Firstly, remove $primary_member_map from $member_maps. Instead, define $ml_home_dir/members-mailmag who can post to $member_maps.
member_maps = $ml_home_dir/members-mailmagThe use of "subscribe" command is same as default one since "subscribe" command changes $primary_member_map not $member_maps. It is a little tricky but crafty use of $primary_XXX_map and $XX_maps enhances fml8 configuration.
In this case, when a new user is subscribed, the user address is added to both $ml_home_dir/members ($primary_member_map) and $ml_home_dir/recipinets ($primary_recipient_map). But $member_maps is defined as $ml_home_dir/members-mailmag. $ml_home_dir/members is not used. Hence, only the list of recipients is updated but the list of posters is NOT changed.
Strictly speaking, this configuration is not enough safe. If somebody fakes From: address, he/she can post since fml checks only From: address.
So, pgp auth is recommended.
primary_member_map = $tmp_dir/members-dummyand use $member_maps (member_maps = $ml_home_dir/members) for normal use. It has only poster's addresses.
Copyright (C) 1993-2017 Ken'ichi Fukamachi mail:< fukachan at fml.org >