LSTSRV-L Archives

LISTSERV Site Administrators' Forum

Eric Thomas <[log in to unmask]>
Mon, 27 Aug 90 14:53:09 O
text/plain (62 lines)
>I never use this option at my site, but many lists to which I belong do.
>And a  few times I have  waited weeks and sent  repeated requests before
>being removed from a list.
 
David, there is  little one can do  in this world to  prevent people from
being stupid when they want to.  With internet mailing lists, you have no
way to signoff by yourself and it can  take 3 months to be removed if the
moderator is  on vacation  or lazy.  It is a  well-known fact  that some
combinations  of  keywords  are  stupid, for  instance  "Review=  Private
Subscription= Open Notify= No Validate= Store" (i.e. anybody can review the
list by  signing up, sending  the REVIEW, and  signing off, and  the list
owner will  not even  know). It is  not my business  to decide  whether a
particular combination of  options is "stupid" for a  particular site. If
you as a user don't like it, complain to the list owner, not to me.
 
>But a hacker CAN add whomever he wishes as things now stand.
 
Not with "Validate= All Subscription= By_owner".
 
>I love the  "Subscription= Closed" parameter. It will  prevent the above
>situation. "Validate= All" won't help here at all.
 
Ok Mr. Expert, I  bow to You, You  are Right by Definition.  However, may I
humbly suggest that you try sending  an ADD command "from" the list owner
with "Subscription= Closed Validate= Store"?
 
>But Mignon's list (and many others with "Validate= All") DO have it.
 
So Mignon's list (and many others) ought to have this parameter changed.
 
>list headers  are probably  copied from  one list to  another at  a site
>without  much  attention  to  the less  noticeable  parameters  such  as
>"Validate".
 
I guess this  is my fault and  I should delete the  "Validate" keyword in
order to  prevent the possibility  that hasty  list owners might  copy it
from another list. While  I'm doing that, I might as  well delete all the
other "less noticeable" keywords.
 
>Eric doesn't seem receptive to the  idea of adding the personal password
>as another legitimate  password for making changes in  a "Validate= All"
>list,
 
The personal  password is  accepted for validation  of any  command (ADD,
DELETE,  etc).  The  problem  is  that  the  SIGNOFF  command  cannot  be
validated. There are two reasons I am opposed to that:
 
1. Getting  a password  on  a particular  server might  also  take you  3
   months, depending  on how  the server  is configured,  i.e. it  does not
   solve the problem.
 
2. I do  not want to encourage  users to get a password  just for signing
   off a list.
 
I  have  already  thought  of the  RELAY-like  mechanism  for  confirming
commands. It's on my wish list, but it's a good amount of code (you don't
want to  support just SIGNOFF  but rather  all the commands  that require
validation).  And you  don't want  it to  be used  for a  netwide signoff
either :-)
 
  Eric
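
Added example, not part of the message above and not LISTSERV code: a small list-header audit that flags only the keyword combinations the message calls out. It assumes header lines start with "*" and carry "Keyword= value" pairs, and it generalizes the message's "Subscription= Closed Validate= Store" case to any header with "Validate= Store"; the sample headers and finding names are constructed.

```python
import re

# "Keyword= value" pairs, written the way the message quotes them.
PAIR = re.compile(r"([A-Za-z_-]+)=\s*([^\s=]+)")

def parse_header(text):
    """Collect keyword/value pairs from '*'-prefixed header lines (assumed layout)."""
    opts = {}
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("*"):
            for key, value in PAIR.findall(line[1:]):
                opts[key.lower()] = value.lower()
    return opts

def audit(opts):
    """Flag only the keyword combinations the message calls out."""
    findings = []
    validate = opts.get("validate")
    combo = (opts.get("review"), opts.get("subscription"),
             opts.get("notify"), validate)
    if combo == ("private", "open", "no", "store"):
        findings.append(("review-bypass",
                         "anybody can sign up, send REVIEW and sign off; "
                         "the list owner is never told"))
    # Generalized from the message's Closed/Store case (assumption).
    if validate == "store":
        findings.append(("forged-add",
                         'an ADD sent "from" the list owner is not '
                         "challenged; the message points to Validate= All"))
    return findings

# Constructed sample headers; the list descriptions are placeholders.
WEAK = """\
* Example list A (constructed)
* Review= Private Subscription= Open
* Notify= No Validate= Store
"""
CLOSED = "* Example list B (constructed)\n* Subscription= Closed Validate= Store\n"
HARDENED = "* Example list C (constructed)\n* Validate= All Subscription= By_owner\n"

if __name__ == "__main__":
    for name, header in (("WEAK", WEAK), ("CLOSED", CLOSED), ("HARDENED", HARDENED)):
        ids = [rule for rule, _ in audit(parse_header(header))]
        print(name, ids or "no findings")
```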
