Re: Is mailback validation still safe?

[Tim Pierce]

On Sun, Dec 10, 2000 at 09:21:08AM -0800, Chuq Von Rospach wrote:
> At 12:18 PM -0500 12/10/00, Tim Pierce wrote:
> 
> >Moreover, Chuq is talking about sending someone 1,000 copies of an
> >info file *once*.
> 
> Not necessarily. These things are scripted. I've seen evidence that 
> these scripts have been run for periods of time, repeatedly.

And?  The attacker has to remain vigilant and creates more of an
audit trail that can get him whacked.  Without mailback validation,
he could sign someone up to several thousand mailing lists, sit
back and enjoy the fun; even if his account gets nuked, he has the
pleasure of knowing that his victim is still getting bombed.

I'm with Murr.  Mailback validation may not solve every problem in
the world, but it is hardly a useless relic of a bygone era, or
whatever you are making it out to be.

-- 
Regards,
Tim Pierce
RootsWeb.com lead system admonsterator
and Chief Hacking Officer