Interesting People mailing list archives

Some IP admin trivia and info


From: Dave Farber <dave () farber net>
Date: Fri, 20 Sep 2002 18:19:13 -0400

SUBSCRIBING
===========

To subscribe to IP, send an email message to "subscribe-ip () v2 listbox com".

This will subscribe you using the account from which you send the message.

If you want to subscribe with some other address, you'll have to send
a message to ip-request () v2 listbox com that says

    subscribe other-address@your_site.your_net

You will be asked to reply to a confirmation message to complete your
subscription.

UNSUBSCRIBING
=============

To unsubscribe from IP, send a message to "unsubscribe-ip () v2 listbox com".

This will unsubscribe the account from which you send the message.
If you are subscribed with some other address, you'll have to send
a message to ip-request () v2 listbox com that says

    unsubscribe other-address@your_site.your_net

The bottom of every post to the list shows the address that you are
subscribed as.


ARCHIVES
========
http://www.interesting-people.org/archives/interesting-people/




FOR HACKERS
===========

In the past, various individuals have attempted to discover weaknesses
in the old system.  Some of them have succeeded.  The following
describes the security features of the new Listbox2 architecture.

   Forging Posts

Some moderated mailing lists automatically approve posts if the "From:"
address is on a whitelist.  An attacker can forge a "From:" address and
thus bypass moderation.  This mailing list does not look at the "From:"
address; instead it requires a special password, known only to the
listowner, to be included in the headers of every message.  That
password is removed before the message goes out to the list.
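The approval mechanism described above, as an added example that is not Listbox's own code: the list software ignores "From:" entirely, approves a post only if it carries a header holding the listowner's secret, and deletes that header before the message is relayed. The header name `X-List-Approve`, the sample secret and the two sample messages are constructed for this example.

```python
"""Moderation keyed on a secret header instead of a forgeable From: address.

Added example, not the list software's code. Header name and secret are
assumptions chosen for illustration.
"""
import hmac
from email import message_from_string
from email.message import Message

APPROVE_HEADER = "X-List-Approve"           # assumed header name
LISTOWNER_SECRET = "correct horse battery"  # constructed sample secret


def is_approved(msg: Message, secret: str = LISTOWNER_SECRET) -> bool:
    """True only if the message carries the listowner's secret.

    The From: header is never consulted, so a forged sender buys nothing.
    """
    supplied = msg.get(APPROVE_HEADER)
    if supplied is None:
        return False
    # Constant-time compare: timing must not reveal how much of the secret matched.
    return hmac.compare_digest(supplied.strip().encode(), secret.encode())


def strip_secret(msg: Message) -> Message:
    """Remove every copy of the approval header so the secret never reaches subscribers."""
    del msg[APPROVE_HEADER]  # Message.__delitem__ removes all occurrences
    return msg


def process(raw: str) -> tuple[str, str]:
    """Classify a raw RFC 822 message and return (decision, text to relay).

    decision is "approved" (relay with the secret stripped) or "moderate"
    (hold for the listowner); the held copy is returned unchanged.
    """
    msg = message_from_string(raw)
    if is_approved(msg):
        return "approved", strip_secret(msg).as_string()
    return "moderate", raw


# Constructed sample messages.
FORGED = (
    "From: dave@example.net\r\n"      # attacker spoofs the listowner's address
    "To: ip@example.net\r\n"
    "Subject: not really from dave\r\n"
    "\r\n"
    "forged body\r\n"
)

GENUINE = (
    "From: anyone@example.org\r\n"    # sender address is irrelevant
    "To: ip@example.net\r\n"
    "Subject: hello\r\n"
    f"{APPROVE_HEADER}: {LISTOWNER_SECRET}\r\n"
    "\r\n"
    "real body\r\n"
)

if __name__ == "__main__":
    for label, raw in (("forged", FORGED), ("genuine", GENUINE)):
        decision, out = process(raw)
        print(label, "->", decision, "| header still present:", APPROVE_HEADER in out)
```

The forged message is held for moderation even though its "From:" matches the listowner; the genuine one is approved and the outgoing text no longer contains the header.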

   Forging subscriptions

All subscriptions require a confirmation reply.  This prevents attackers
from forging subscription requests and listbombing an innocent party.
Almost all mailing list managers today support this feature.

   Forging unsubscriptions

To make it easy for people to get off the list, unsubscribe requests are
not challenged by default; only an after-the-fact notification is sent
to the unsubscribed party.  This opens the door to an attacker
maliciously unsubscribing an innocent party.  If this occurs, the
innocent party will at least receive notification, and they can proceed
to set a password on their subscription to foil future attempts.  If the
problem becomes serious, the listowner can choose to require
challenge/confirmation, or set a password on each subscription.

To our knowledge, this has never been necessary.  We hope that the above
description satisfies the hacker's curiosity so that they feel no need
to test it.

   Forging bounces

We track bouncing subscribers using VERP.  Under traditional VERP,
bounces can be forged because the standard VERP header contains the
username and the listname, and an attacker can generate enough bogus
bounce messages to cause a list manager to unsubscribe an innocent
party.  Our VERP includes a per-subscriber unique string which makes
forgery more difficult.
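A VERP scheme with a per-subscriber unique string, as an added example rather than Listbox's implementation: the string is an HMAC over the list name and subscriber address under a per-list key, so an attacker who knows a username and listname can still produce a syntactically valid bounce but not a verifiable one, and only verified bounces count toward disabling a subscription. The address layout, the key, the threshold and the sample bounce addresses are constructed for this example.

```python
"""VERP return addresses carrying a per-subscriber HMAC token.

Added example, not the list software's code. Address layout is an assumption:
    <list>-bounces+<token>+<local>=<domain>@<listhost>
"""
import hashlib
import hmac
import re
from collections import Counter

LIST_KEY = b"constructed-per-list-secret"  # constructed; keep per list, rotate on leak
TOKEN_HEX = 16                              # 64 bits of the HMAC, enough to defeat guessing

VERP_RE = re.compile(
    r"^(?P<list>[^+@]+)-bounces\+(?P<tok>[0-9a-f]{16})\+(?P<local>[^@]+)=(?P<domain>[^=@]+)@"
)


def verp_token(listname: str, subscriber: str) -> str:
    """Per-subscriber string: HMAC-SHA256 over list and address, truncated to hex."""
    mac = hmac.new(LIST_KEY, f"{listname}\0{subscriber.lower()}".encode(), hashlib.sha256)
    return mac.hexdigest()[:TOKEN_HEX]


def verp_sender(listname: str, subscriber: str, host: str = "lists.example.net") -> str:
    """Envelope sender to use when delivering a list message to one subscriber."""
    local, domain = subscriber.rsplit("@", 1)
    return f"{listname}-bounces+{verp_token(listname, subscriber)}+{local}={domain}@{host}"


def parse_bounce_recipient(addr: str):
    """Return (listname, subscriber) if the bounce recipient carries a valid token, else None.

    A traditional VERP parser would stop after the regex; the token check is what
    makes a bounce forged from a guessed username and listname unverifiable.
    """
    m = VERP_RE.match(addr)
    if m is None:
        return None
    subscriber = f"{m['local']}@{m['domain']}"
    expected = verp_token(m["list"], subscriber)
    if not hmac.compare_digest(m["tok"], expected):
        return None
    return m["list"], subscriber


class BounceTracker:
    """Counts verified bounces per subscriber; unverifiable ones are counted separately."""

    def __init__(self, threshold: int = 3):
        self.threshold = threshold
        self.counts = Counter()
        self.rejected = 0

    def record(self, bounce_to: str):
        parsed = parse_bounce_recipient(bounce_to)
        if parsed is None:
            self.rejected += 1  # log it; never act on it
            return None
        self.counts[parsed] += 1
        return parsed

    def to_disable(self):
        """Subscribers whose verified bounce count reached the threshold."""
        return sorted(sub for (_lst, sub), n in self.counts.items() if n >= self.threshold)


def run_sample():
    """Three genuine bounces for alice, five forged ones aimed at bob."""
    tracker = BounceTracker(threshold=3)
    genuine = verp_sender("ip", "alice@example.org")
    forged = "ip-bounces+" + "0" * TOKEN_HEX + "+bob=example.org@lists.example.net"  # guessed token
    for _ in range(3):
        tracker.record(genuine)
    for _ in range(5):
        tracker.record(forged)
    return tracker


if __name__ == "__main__":
    t = run_sample()
    print("disable:", t.to_disable(), "| rejected forged bounces:", t.rejected)
```

Alice, whose mailbox really bounced three times, is flagged; Bob, targeted by five forged bounces built from his username and the list name, is untouched because none of them carried a token the list host can verify.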

   In conclusion

To our knowledge, no malicious person has ever attempted any of the
above attacks (with the sole exception of listbombing).  So these
features are there to counter people who only want to demonstrate a
vulnerability.  If you can think of another way to outsmart the system,
please don't experiment with the production services; mail
support () listbox com and we will set up a demo list for you to test with.


-------------------------------------
You are subscribed as interesting-people () lists elistx com
Archives at: http://www.interesting-people.org/archives/interesting-people/