Anselm Lingnau wrote: > slamberton wrote: > >> However, if a forgery has happened--it must be pretty determined one. You >> can only post to this list if you are subscribed--the forger would have to >> have control of the individuals email account > > No. All you need to have is knowledge of the target's e-mail address, > telnet(1) (or something similar, like netcat) and a basic understanding of > SMTP. I (or anybody) could post a message to this list that to the casual > reader would look very convincingly like it came from you and it would take > me > all of five minutes -- if I wanted to do a thorough job, that is. Routine > stuff and, incidentally, part of LPI-202. Email sucks :^) >
...and know that the person is subscribed to lpi-discuss. Again that's a pretty determined prankster. > Anyway, I suppose people can always come to you with the »wasn't me« defense > and see where it gets them. Thanks for trying to keep the list clean. > > Anselm > (speaking for himself) > > PS. Incidentally, while we're at it, can we also ban HTML-only messages? ;^) Oops forgot to change my "composition" setting. I prefer plain text myself--but was composing some html emails this weekend ;-) scott -- Scott Lamberton Director of Communications Linux Professional Institute http://www.lpi.org [email protected] +1-905-269-0862 **Introducing www.lpimall.com in North America!** _______________________________________________ lpi-discuss mailing list [email protected] http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-discuss
