Folks, this is built in to SmartList already. See here: http://www.hartzler.net/smartlist/SmartList-FAQ.html#Section_8.1 We use it, and it works fine, although it offers no protection against somebody sniffing your email between you and the SmartList server. -----Original Message----- From: Roger Burton West [mailto:roger@firedrake.org] Sent: Monday, April 29, 2002 10:37 AM To: smartlist@Lists.RWTH-Aachen.DE Subject: Re: Klez worm forging moderator's address? On Mon, Apr 29, 2002 at 10:30:39AM -0400, KEVIN ZEMBOWER wrote:

1.) Is this a possible scenario with SmartList? I can't think of any reason why this wouldn't work.

It's entirely possible. Email addresses are trivial to spoof.

2.) Is there any protection to avoid this? I can't think of any setting to make the system reject messages from the moderator which DON'T come from a particular mail system. Is there any other way? Moderator must approve his own posts?

Or other password-protection; there have been several discussions about this on the list before. Basically, it's fairly easy to put in a filter which requires a particular header to appear in a message, and which strips out that header before the message goes to the list. Roger _______________________________________________ Smartlist mailing list Smartlist@lists.RWTH-Aachen.DE http://MailMan.RWTH-Aachen.DE/mailman/listinfo/smartlist