Last night it appears that my installation of GnuDIP was used to send a large number of E-mails to a victim.
While those GnuDIP web pages that can only be entered through the login page cannot be anonymously abused. it is now clear that the self registration page can be. A program can "GET" and "POST" that page repeatedly to send an E-mail bombardment to a third party. The bombardment will seem to come from the GnuDIP site. I have disabled self registration on my site. I will try to find a way to make sure that a human being is using the page. Suggestions are welcome. Sorry about this. -- Creighton MacDonnell http://macdonnell.ca/ _______________________________________________________________ Don't miss the 2002 Sprint PCS Application Developer's Conference August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm -- GnuDIP Mailing List http://gnudip2.sourceforge.net/gnudip-www/#mailinglist
