Do you have something inputted into the subject line for the list ([LIST NAME]). As long as subscribers only can post, if the person receives the virus and list name does not show, they know it didn't come through the list. Also, if there is no signature file, or name signed for people that sign there name, you know it was not sent by a person. Jeff FAX 717-564-4952 Jeff Dougherty Intrepid Video & Electronics God answers 501 Luther Rd Knee-mail. Harrisburg, PA 17111 717-909-8844 VCR tips, electronics info & general interest. www.intrepid-video.com www.tech-repair.net www.thetoolcaddy.com www.9-11-2001tragedy.com ----- Original Message ----- From: "Roger Burton West" <roger@firedrake.org> To: <smartlist@Lists.RWTH-Aachen.DE> Sent: Monday, April 29, 2002 10:37 AM Subject: Re: Klez worm forging moderator's address?
On Mon, Apr 29, 2002 at 10:30:39AM -0400, KEVIN ZEMBOWER wrote:
1.) Is this a possible scenario with SmartList? I can't think of any reason why this wouldn't work.
It's entirely possible. Email addresses are trivial to spoof.
2.) Is there any protection to avoid this? I can't think of any setting to make the system reject messages from the moderator which DON'T come from a particular mail system. Is there any other way? Moderator must approve his own posts?
Or other password-protection; there have been several discussions about this on the list before. Basically, it's fairly easy to put in a filter which requires a particular header to appear in a message, and which strips out that header before the message goes to the list.
Roger _______________________________________________ Smartlist mailing list Smartlist@lists.RWTH-Aachen.DE http://MailMan.RWTH-Aachen.DE/mailman/listinfo/smartlist