On Thu, Oct 14, 1999 at 04:04:03PM -0700, Russ Allbery wrote:
> Chuq Von Rospach <[EMAIL PROTECTED]> writes:
> > At 2:37 AM -0400 10/14/99, John R Levine wrote:
>
> >> I don't just accept any response with the cookie in the
> >> subject line, that's too easily spoofed by autoresponses, bounces, and
> >> broken vacation programs.
>
> > I like that approach. I'd also consider replacing the "yes" with a blank
> > message ...
>
> On the other hand, some people will be unable to send a blank message.
Folks who use a mail system that supports extended e-mail addresses
could conceivably take advantage of that. For example, with qmail:
To confirm, send mail to [EMAIL PROTECTED]
With sendmail:
To confirm, send mail to [EMAIL PROTECTED]
and so on. I'm sure this has been tried, right?
--
Regards,
Tim Pierce
RootsWeb.com lead system admonsterator
and Chief Hacking Officer
