Hello, I am Chris from Arch Linux Security Team and I want to ask for restricted acess for senders for the arch-security mailinglist.[1] We had different issues in the past on this list including:
- neverending discussions.[2] - broken MTAs (the newest one). Some emails from somebody are bouncing back to the mailinglist.[3]
That's the reason why the security-team want a whitelist for this mailinglist. Everybody can subscribe but sending to it should be restricted to avoid this issues. I would be fine with it if the restriction is for everyone except the Arch Linux Developers, Trusted Users, and staff. If you want even more agressive rules I would be also fine if only our security team and some developers can write to it. According to my mail on the arch-dev-public mailinglist the security mailinglist should be for Arch Linux Security Advisories only.[4]
best regards
Christian Rebischke Member of Arch Linux Security Team
[1] arch-security@archlinux.org [2] https://lists.archlinux.org/pipermail/arch-security/2015-December/000441.htm... [3] https://paste.archlinux.de/KAV1/ [4] https://lists.archlinux.org/pipermail/arch-dev-public/2015-December/027581.h...
On 14.01.2016 17:45, Christian Rebischke wrote:
[4] https://lists.archlinux.org/pipermail/arch-dev-public/2015-December/027581.h...
Given there were no objections I've set the arch-security list to moderated and I've whitelisted all subscribers with @archlinux.org addresses. I'll whitelist others when required.
arch-devops@lists.archlinux.org