[PREVIOUS CHAPTER]
[______TOC_______]
Appendix G Security Consideration
* run in the installation if you use recommended secure cf template.
% env RECOMMEND=yes perl makefml install
% make secure
run "make secure" in your ML HOME to enable typical secure
options. These are a part of the following ones. Configurations to add
follow:
$INCOMING_MAIL_SIZE_LIMIT = 512000;
$USE_LOG_MAIL = 1;
$USE_DISTRIBUTE_FILTER = 1;
$FILTER_ATTR_REJECT_COMMAND = 1;
$USE_MTI = 1;
&DENY_PROCEDURE('member'); # _this_line_is_added_by_makefml_
&DENY_PROCEDURE('active'); # _this_line_is_added_by_makefml_
&DENY_PROCEDURE('members'); # _this_line_is_added_by_makefml_
&DENY_PROCEDURE('actives'); # _this_line_is_added_by_makefml_
&DENY_PROCEDURE('status'); # _this_line_is_added_by_makefml_
&DENY_PROCEDURE('stat'); # _this_line_is_added_by_makefml_
* Disable members/actives command
Append in config.ph (before the last "1;")
&DENY_PROCEDURE('member'); # _this_line_is_added_by_makefml_
&DENY_PROCEDURE('active'); # _this_line_is_added_by_makefml_
&DENY_PROCEDURE('members'); # _this_line_is_added_by_makefml_
&DENY_PROCEDURE('actives'); # _this_line_is_added_by_makefml_
&DENY_PROCEDURE('status'); # _this_line_is_added_by_makefml_
&DENY_PROCEDURE('stat'); # _this_line_is_added_by_makefml_
@DenyProcedure = ('member', 'active', 'members', 'actives', 'status', 'stat');
* enable security related options
$INCOMING_MAIL_SIZE_LIMIT The upper limit of mail size
$USE_DISTRIBUTE_FILTER Filtering
$USE_MTI Traffic Monitor against e.g. mail bomb
$UNSUBSCRIBE_AUTH_TYPE confirmation of un-subscription
$USE_LOG_MAIL logging all mails fml received
* PGP Encrypted ML: encrypted article is distributed.
* Disable attachments
$DISTRIBUTE_FILTER_HOOK = q#
if ($e{'Body'} =~ /Content-Disposition:\s*attachment/i) {
return 'THIS ML NOT PERMIT ATTACHMENT';
}
#;
Appendix G.1 FML Advisories
FML Advisories are a series of documents to advice some kinds of
current topics, for example, happy99, Melissa ...
http://www.fml.org/fml/advisories/
$Id$