On Mon, 27 Jan 1997 18:21:14 -0500, "John F. Witherspoon"
<[log in to unmask]> wrote:

>* What happens to the "List Password" we used to have under 1.8b?

It is superceded by the use of personal passwords.  For historical and
backward compatibility reasons the List password is not thrown out, but
you should migrate all password usage to personal passwords.

>* I only need set one personal password per server, and it will work on all
>my lists, right?

Yes, the password is associated with your email address (not your name!)
for all lists you own/manage on that server.  Note that is you have
multiple addresses, you must set your password for each address (it can
all be the same password, although it would be more secure if it were
different... Depends on how paranoid you want to be)
>
>* If I set Validate=Yes in the list header, for what commands will
>subscribers have to supply passwords?

None.  If they don't have a password registered (or if they do, but don't
give it in the command msg) then LISTSERV will query them back with the
"OK" confrimation mechanism instead of using the (absent) password.  They
merely REPLY to that msg from LISTSERV with the one word answer of OK
(the Subject line must remain intact, as that's where the unique 'cookie'
confirmation number is stored).

Note that if you go the ultimate in security (Validate= Yes, Confirm)
that all command messages, even those with included passwords will
require the use of the "OK" confirmation mechanism.
--
 ________________________________________________________________________
 Ben Parker ............ (Oak Park IL) .......... [log in to unmask]