On Fri, Feb 02, 2001 at 02:24:07PM -0600, Dave Sherohman wrote:
On Fri, Feb 02, 2001 at 04:01:25PM +0000, Dominic Hargreaves wrote:
No, this is not the case. Approved headers, while perhaps slightly inelegant, are more secure (FSVO "secure") than simply allowing a set of posters to post. Anyone can trivially fake a "From" header in an email address, whereas with an approved header you need to know the password.
Does majordomo remove the Approved header while forwarding messages? If not, finding out the password is even more trivial than forging From:.
Yes, it does.
-- Dominic Hargreaves | http://dom.magd.ox.ac.uk/ You can get my PGP key from my web site. "Only two things are infinite: the Universe and human stupidity, and I'm not sure about the former" - Albert Einstein