On Tue, 7 Jan 1997 15:19:58 -0500, Mark London <[log in to unmask]> wrote:
 
>I am worried about someone setting their email to one of the owners of
>my listserv mailing list, and then sending commands to listserv to modify
>the list.  I would like to be able to protect it more.
 
You can set your list to Confidential=Yes, which will prevent LISTSERV(R)
from sending out the List Header.  This also 'hides' your list from the
'list of Lists' used by interested people to find your list if publically
available.
 
However, you should study the Owners manual carefully for the Validate=
keyword (Appendix B)  If you set Validate=Yes,Confirm,NoPW  (LISTSERV
1.8b or later), then all commands making a change by list members or list
owners must be confirmed by an 'OK' cookie sent back to the From: address
the command pretends to be from.  This is the most secure state, since
someone spoofing your address cannot get the reply, it will come to you
and you will know something is wrong, and the change will not be done
since the confirm will fail after 48hrs.
 
As a practical matter, this is not that easy to do and although it has
happened, I wonder how real a worry this is.
--
 ________________________________________________________________________
 Ben Parker ............ (Oak Park IL) .......... [log in to unmask]