Tue, 10 Jul 2001 09:18:02 -0400
|
I don't think that any list that uses the OK mechanism has anything to
worry about. I quickly scanned the lists and didn't see any of the
regular lists that I'm on there (of they all have public archives anyway
<grin>). I didn't see any of the private lists there either. I know that
the owners do okay every subscription, and they would see such a
subscription request.
We can't worry about what can't be totally controlled, or we might as
well shut down the Internet, Web and all email discussion groups.
Dan Robinson
[log in to unmask]
> -----Original Message-----
> From: Paul Russell [mailto:[log in to unmask]]
> Sent: Tuesday, July 10, 2001 8:49 AM
>
>
> See http://www.mail-archive.com/ for an excellent example of
> one way that
> anyone, anywhere can make the archives of any list
> web-accessible to the
> entire Internet world, even if the list is configured to maintain no
> archives. A list which is configured (or operated in a
> manner) to accept
> subscription requests from addresses whose owners are not
> personally known
> and trusted by the list owner is vulnerable to exploitation
> by users of
> this and similar services, regardless of any other safeguards
> which the
> owner might have in place.
> ..........
> --
> Paul Russell
> Senior System Administrator
> University of Notre Dame
>
|
|
|