[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: It's finally over (was Re: Explanation of Harald Fragner and cypherpunks)





> ---Mark Salamon <[email protected]> wrote:
> >
> > Thanks for the reply.  I have now received about 10 such 
> > replies.  We will take them to heart, remove the cypherpunks 
> > and attempt to deal with the mailing list issue in an 
> > intelligent way.

Most lists and services have dealt with the problem of someone
accidentally subscribing or maliciously subscribing someone else in one
of two ways:

A) send and acknowledgement message with a randomly generated
authorization code that requires the user to respond.
B) send out a password and require the user to login before account is
activated.

This works only if you assume the malicious individual will not receive
mail sent to that address. This therefore falls down when the address is
a mailing list or other distribution point that the malicious individual
has access to directly or via archives.

What we really need is an automated system that could authorize/deny an
address prior to the code/password being sent that would keep track of
distribution list addresses and such.

Perhaps I'll create one myself soon.

	Matt