At 5:05 PM -0500 1/7/2000, Mitch Collinsworth wrote:
> Well, they have to give _a_ e-mail address, but I don't see where it
> makes them give _theirs_. If they only have to know the address of
> _someone_ who is subscribed to the list then it doesn't really lock
> out anyone who was once on the list but since kicked off.
Hmm.
> For anyone
> else, if the list info gives your address anywhere (maybe it doesn't)
> and you're a subscriber, then everyone can be assured of knowing one
> valid address.
That's easy enough to take care of, simply by denying access to admin
addresseses.
Hmm. you have a good point. While this would nuke out the spammers,
since they couldn't get an email address without first subscribing
SOME legal address to the list, it doesn't solve the "kicked out
getting even" attack scenario, because they would have had access to
mail where they could get someone else's address from.
So it's no better than the "password on the web site" solution, but a
lot more work.
Anyone see a way to fix this? I don't, unfortunately. thanks, Mitch.
Saves me a buncha work for little real benefit.
--
Chuq Von Rospach - Plaidworks Consulting (mailto:[EMAIL PROTECTED])
Apple Mail List Gnome (mailto:[EMAIL PROTECTED])
Pokemon is a game where children go into the woods and capture furry
little creatures and then bring them home and teach them to pit fight.
