Bugtraq mailing list archives
Re: mail storm
From: Valdis.Kletnieks () vt edu (Valdis.Kletnieks () vt edu)
Date: Tue, 13 Aug 1996 13:14:17 -0400
--===_-1_Tue_Aug_13_13:14:16_EDT_1996 Content-Type: text/plain; charset=us-ascii On Tue, 13 Aug 1996 07:01:33 CDT, Brett L. Hawn said:
been victimized by it) and I can assure you that its quite horrid. Things like ListServ are completely broken and for the most part automatically allow anything and anyone to be subscribed (mind you they make you respond with some sort of moronic OK <code> code to unsubscribe). My old account,
This (requiring an OK confirmation) is configurable behavior for both subscribe and unsubscribe, on a list-by-list basis. The intent is to prevent forged e-mail from subscribing or unsubscribing you, and to deal with broken e-mail systems. Or did you want somebody to be able to forge unsubscribes in your name and you not even know it happened, much less be given a chance to confirm it? ;) (BTW - netspace.org runs Listserv - maybe I should just forge an UNSUB for Mr Hawn and see if he appreciates the lack of an OK.. ;) Listserv may have many broken features (particularly with the handling of Sender: and From: and Reply-To:, which aren't done in a strictly rfc-compliant way), but its handling of list security and spamming aren't among them.... -- Valdis Kletnieks Computer Systems Engineer Virginia Tech --===_-1_Tue_Aug_13_13:14:16_EDT_1996 Content-Type: application/pgp-signature -----BEGIN PGP MESSAGE----- Version: 2.6.2 iQCVAwUBMhC35tQBOOoptg9JAQH3fQP8D0Kp5UIpShEuRuRgArdjrHo3gpEDpwRW 27V2z1mxfOEd0nMtlx1mAHXZu/NmPw16n7Sy4PLOnVHkl2uhAwaXw4OAL9BYKEx0 1f/zLYJpGMDIC6ZVZkWpyNstlySwSv89VD5fu6SqgxBw2dGrGDrjsusDL5Yl2RU2 JxKoDHJgG48= =3TkX -----END PGP MESSAGE----- --===_-1_Tue_Aug_13_13:14:16_EDT_1996--
Current thread:
- Re: mail storm, (continued)
- Re: mail storm Pete Ashdown (Aug 13)
- Re: mail storm Sean B. Hamor (Aug 13)
- setuid lp script Francis Liu (Aug 13)
- Re: setuid lp script Casper Dik (Aug 15)
- CERT Advisory CA-96.19 - Vulnerability in expreserve CERT Advisory (Aug 15)
- IRIX 5.3 and CA-96.19 - Vulnerability in expreserve? Mike Kienenberger (Aug 15)
- Re: mail storm Brett L. Hawn (Aug 13)
- Re: mail storm John Ladwig (Aug 13)
- Re: mail storm C. Harald Koch (Aug 13)
- Re: mail storm Joe Rhett (Aug 13)
- Re: mail storm Valdis.Kletnieks () vt edu (Aug 13)
- HP elm exploit Clay Shields (Aug 13)
- Re: mail storm der Mouse (Aug 13)
- Re: mail storm J.R.Valverde (Aug 13)