Hello, We had a incident that hacker entered a legitimate email, and required new password to our ListServ. The victim clicked the confirmation URL (he didn't request for new password change). Hacker was able to access a sensitive archive. How are we going to prevent that except educating users? Thank. Shinn ############################ To unsubscribe from the LSTSRV-L list: write to: mailto:[log in to unmask] or click the following link: http://peach.ease.lsoft.com/scripts/wa.exe?SUBED1=LSTSRV-L&A=1