Fri, 28 May 1999 11:44:51 -0400
|
Thee best method for anti-spoofing is to have a three way handshake,
which the OK mechanism allows. Anything else is suspect, as you have
already indicated via a mail clients RETURN ADDRESS e.g., such as found
in Eudora.
On one campus-announce only list, we seem to be able to deal w/ the
following setup
* default-options= NOPOST
and with authorized subscribers being altered by the list-owner via
SET listname POST FOR authorized_userid@node
This does NOT provide three-way handshake, but it is effective for *us*.
Non-authorized posters simply get a LISTSERV-generated (I believe from
the template) nastygram.
If you're getting spoofed messages, then you need to deal with that
out-of-band, along with strong institutional policies (if originating
internally).
YMMV
/Pete Weiss -- Penn State
|
|
|