Mailman doesn't use secret aliased.
That's good.
Pardon me for being a pain here, but isn't it ridiculously easy to forge a From:, and also rather easy to forge an envelope?Mailman v2.0 authenticates on From: or envelope (you pick). Mailman v2.1 authenticates on From: and envelope.
Now I'll be humble and admit that I don't even know what an envelope is. So my question about the envelope really boils down to: if I have root access on a machine other than the one Mailman is running on, can I fool Mailman's envelope recognition?
========== Dan Richter ============== mailto:Dan@;wimba.com ===========
He [Bob Dole] fought in Italy, where he suffered
a serious head injury. Then he went into politics.
- a poorly worded radio announcement in 1961
------------------------------------------------------
Mailman-Users mailing list
[EMAIL PROTECTED]
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
