|
Sender: |
|
Date: |
Wed, 7 Apr 1999 08:54:11 -0700 |
Reply-To: |
|
Content-Transfer-Encoding: |
7bit |
Subject: |
|
From: |
|
Content-Type: |
text/plain; charset=us-ascii |
In-Reply-To: |
|
Organization: |
L-Soft international, Inc. |
MIME-Version: |
1.0 |
On Wed, 7 Apr 1999 09:34:30 -0500, Gary Klass <[log in to unmask]> wrote:
>Recently I sent a message directly to a subscriber who used the Eudora
>redirect option to send a message back to the list. It went out directly
>to the list with the "from" header below:
>
>"Gary Klass (by way of tangela williams <[log in to unmask]>)"
> <[log in to unmask]>
>
>This represents a serious security problem, in this case especially because
>the message contained the happy99.exe virus.
>
>Is anyone else aware of this happening?
This is the way Eudora's 'redirect' has always worked and it it very
non-standard per the usual mail standards RFCs. I suggest you change the list
header to Send= Editor,Hold
Then all you need do is reply to the confirmation message that LISTSERV sends
you with the one word 'OK'
With Send= Editor , LISTSERV sends you the entire message and you must resend it
back to LISTSERV with the proper 'resent-' header lines. Eudora cannot do this.
With Send= Editor,Hold LISTSERV retains the original of the message, sends you
a 'request for confirmation' to which you reply OK (which Eudora will do nicely)
and then LISTSERV releases the message.
|
|
|