On 6/8/00 7:14 PM, John, Laura <[log in to unmask]> wrote... >We are running List Serv 1.08d. If a password becomes known, is it possible >for an outsider to do anything to the lists or the List Serv if they are not >an owner of a list? Yes, by forging the email address of the list's owner, they could do quite a bit of damage; including but not limited to taking control of the list by removing the owner and putting themselves in charge. Passwords should be kept very private, and validation enabled on high-risk lists/hosts. -- Adam Bailey | Chicago, Illinois [log in to unmask] | Finger/Web for PGP [log in to unmask] | http://www.lull.org/adam/