On Oct 18, 2007, at 7:24 AM, Steve Eckard wrote: > Can someone assure me that this url will not let anyone change > anyone elses password by simply knowing their email address before > our security engineer goes balistic? Apparently a lot of spam is > being sent out from possibly people on one of our lists, > advertising viagra. I've just begun investigating. Thanks. > > > https://listserv.jmu.edu/cgi-bin/wa?GETPW1=REPORT> Sure. Just ask your potentially ballastic security engineer to try it for himself and get back to you if there's a problem.