Re: [Mailman-Developers] Yet another weird-a$$ potential attack problem...

2002-04-05 Thread J C Lawrence
On Fri, 05 Apr 2002 20:48:53 -0800 Chuq Von Rospach <[EMAIL PROTECTED]> wrote:
> On 4/5/02 8:41 PM, "Ron Jarrell" <[EMAIL PROTECTED]> wrote:
>> At which point he'll refuse to confirm your subscription unless you
>> can bring him a shrubbery.
> Almost makes me sorry I brought this up. Was just t

Re: [Mailman-Developers] Yet another weird-a$$ potential attack problem...

2002-04-05 Thread J C Lawrence
On Thu, 04 Apr 2002 23:09:32 -0800 Chuq Von Rospach <[EMAIL PROTECTED]> wrote:
> On 4/4/02 10:49 PM, "J C Lawrence" <[EMAIL PROTECTED]> wrote:
>> Keep the just-hit-reply model,
> How about keeping the reply model, but requiring the reply come from
> the address being subscribed?
Problem: That

Re: [Mailman-Developers] Yet another weird-a$$ potential attack problem...

2002-04-05 Thread Barry A. Warsaw
> "RJ" == Ron Jarrell <[EMAIL PROTECTED]> writes:
RJ> and be greeted by a grumpy gnome of a man named Melvin, who'll
RJ> shriek "What! What! Why do you all keep bothering me? Don't
RJ> you have enough to do without being on *another*
RJ> mailinglist??"
Check out Melvin! htt

Re: [Mailman-Developers] Yet another weird-a$$ potential attack problem...

2002-04-05 Thread Ron Jarrell
At 08:48 PM 4/5/02 -0800, Marc MERLIN wrote:
>Right...
>
>You got instructions on how to unsubscribe when you subscribed (you should
>have read and saved the Email) and you get a reminder every month, with
>again, instructions on how to unsubscribe.
I like the ones who reply to a message posted t

Re: [Mailman-Developers] Yet another weird-a$$ potential attack problem...

2002-04-05 Thread Marc MERLIN
On Fri, Apr 05, 2002 at 11:41:35PM -0500, Ron Jarrell wrote:
> At 12:13 AM 4/5/02 -0500, Barry A. Warsaw wrote:
> >E.g. we could shut off email confirms altogether and force only web
> >confirmations. Or we could be more Majordomo-ish as JC describes.
>
> I think all potential subscribers to *an

Re: [Mailman-Developers] Yet another weird-a$$ potential attack problem...

2002-04-05 Thread Ron Jarrell
At 12:13 AM 4/5/02 -0500, Barry A. Warsaw wrote:
>E.g. we could shut off email confirms altogether and force only web
>confirmations. Or we could be more Majordomo-ish as JC describes.
I think all potential subscribers to *any* mailman list should be required to trek in person to a lonely aband

Re: [Mailman-Developers] Yet another weird-a$$ potential attack problem...

2002-04-04 Thread Stephen J. Turnbull
> "Chuq" == Chuq Von Rospach <[EMAIL PROTECTED]> writes:
Chuq> we can't blame stupid users for stupid IS departments,
Chuq> either...
Unfortunately, stupid IS departments can blame anybody else and make it stick, too. If the U Legal (worse, U Purchasing) autoresponder gets mailbombe

Re: [Mailman-Developers] Yet another weird-a$$ potential attack problem...

2002-04-04 Thread J C Lawrence
On Fri, 5 Apr 2002 01:01:44 -0500 Barry A Warsaw <[EMAIL PROTECTED]> wrote:
> The former is already implemented in MM2.1; it's just optional not
> mandatory. The latter is an interesting idea, but I don't know how
> burdensome that would be on people with today's MUA's (XEmacs/VM
> handles it, and i

Re: [Mailman-Developers] Yet another weird-a$$ potential attack problem...

2002-04-04 Thread J C Lawrence
On Fri, 5 Apr 2002 00:13:44 -0500 Barry A Warsaw <[EMAIL PROTECTED]> wrote:
> E.g. we could shut off email confirms altogether and force only web
> confirmations. Or we could be more Majordomo-ish as JC describes.
A base problem is barrier to entry: Barrier to entry for stupid software and

Re: [Mailman-Developers] Yet another weird-a$$ potential attack problem...

2002-04-04 Thread John W Baxter
At 0:37 -0500 4/5/2002, Dale Newfield wrote:
>So instead of sending the token in the Subject: line of the message,
>it's sent in the subject line in a mailto link.
>(like so: )
>
>I still use pine, and even it is able to "do the right thing"(tm) with
>that..

Re: [Mailman-Developers] Yet another weird-a$$ potential attack problem...

2002-04-04 Thread Barry A. Warsaw
> "CVR" == Chuq Von Rospach <[EMAIL PROTECTED]> writes:
CVR> I've just finished tracking down and nuking a subscriber with
CVR> a really noxious mailbot. The situation was that anyone
CVR> posting to one of my lists would get a reply back from new york financial company name del

Re: [Mailman-Developers] Yet another weird-a$$ potential attack problem...

2002-04-04 Thread J C Lawrence
On Thu, 04 Apr 2002 11:07:30 -0800 Chuq Von Rospach <[EMAIL PROTECTED]> wrote:
> Oh, man. This is my week for weird stuff.
Yea and verily.
> The question I'm bringing up is, I guess, is this something mailman
> needs to worry about? Should it require that the returned token come
> from the add