At 5:47 PM +0000 2004-11-29, Gary Smith wrote:
In one of the previous posts (Allow members to send e-mail to another list) it was mentioned that intelligent spammers could monitor the output of a list and then spoof one of the subscribed addresses.
Indeed, this is a risk.
I dont know much about emails, but how is this possible that they can monitor the output?
They subscribe to the list. They see all the addresses come across that a regular user would see, then pick one that they want to spoof.
It is possible to stop it easily?
Nope. If all posters were required to use PGP-signed messages, and you had PGP integrated into Mailman so as to reject all messages which were not correctly PGP-signed, that might work. Of course, anyone who wanted to join the list and post would need to upload their key to the PGP keyring on the mailing list server.
-- Brad Knowles, <[EMAIL PROTECTED]>
"Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety."
-- Benjamin Franklin (1706-1790), reply of the Pennsylvania
Assembly to the Governor, November 11, 1755SAGE member since 1995. See <http://www.sage.org/> for more info. ------------------------------------------------------ Mailman-Users mailing list [EMAIL PROTECTED] http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
