On Fri, 09 Feb 2007 15:54:59 -0800 Bob Morse <[EMAIL PROTECTED]> wrote: > Thank you all for your insights in the >Challenge/Response question. I am > convinced this is not the way to go. In fact, I used >some of the same > arguments to the client when he brought it up. > > The problem remains, however: How do I prevent spoofing? >In this case they > have a real fear due to a board member who is soon to be >ejected from the > board and have organizational membership taken away. >They feel he is capable > (both emotionally and technically) of major disturbances >on one or more of > about a dozen mailing lists the organization maintains. > > What makes this even more of a challenge¹ is that the >account is on a > shared server.
We are dealing with a similar situation now. Some member, or non-member, is spoofing the From: address of members to post to the lists. We have full emergency moderation turned on so all messages are reviewed before posting. And at the MTA we have instituted various other checks that help prevent messages from getting to Mailman. There is no (easy) technology now that can prevent this. If the person is inclined to make trouble, they will. If not through the lists, then by some other means. Fundamentally, its not a technology problem. --Karl ------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org Security Policy: http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp
