At 14:55 12/12/2005 Monday, Hal Keen wrote:
>> And of course if the spoofed email is from a real userid@node, then they
>get nagged by LISTSERV, which might not be a good idea either.
>
>But they wouldn't confirm it, presumably.
>
>If somebody else were sending email to a list and spoofing my address, I
>would want to know about it! I would also be happier if the email weren't
>getting out to the list, if it was putting someone else's words in my mouth.

Yup, I wouldn't want it to go to the list either.

But receiving said notification (confirmation request) of something that I didn't send to a list that I don not belong, would not be something that I would enjoy receiving especially via a LISTSERV list that has nothing to do with me.

I realize that others might and could depend on one's time, ability, and tolerance for "pain" to track-down the perp.  Otherwise, *I* already know that I, my lists, and role accounts are already being spoofed, probably as I type this.

So if I run a LISTSERV(R) list, why should I configure it to harass an unrelated and innocent third-party?  I mean if I got enough of them as the innocent third-party, I might be inclined to contact a blacklist op or law enforcement to see if they would take action against the LISTSERV(R) site owner.

Having said that, I'm sure there are contexts where the previously stated list definitions do make sense. 


/P