[Mailman-Developers] Yet another weird-a$$ potential attack
problem...
Chuq Von Rospach
chuqui@plaidworks.com
Thu, 04 Apr 2002 23:09:32 -0800
On 4/4/02 10:49 PM, "J C Lawrence" <claw@kanga.nu> wrote:
> Suggest:
>
> Keep the just-hit-reply model,
How about keeping the reply model, but requiring the reply come from the
address being subscribed? That'd throw out corporate-braindamage-mailbots
unless they're amazingly braindamaged and forge email AS the user. It
wouldn't protect someone from a broken procmail mailbot, but if they write
their own, caveat emptor anyway.
--
Chuq Von Rospach, Architech
chuqui@plaidworks.com -- http://www.chuqui.com/
He doesn't have ulcers, but he's a carrier.