On Oct 18, 2007, at 7:24 AM, Steve Eckard wrote:

> Can someone assure me that this url will not let anyone change
> anyone elses password by simply knowing their email address before
> our security engineer goes balistic? Apparently a lot of spam is
> being sent out from possibly people on one of our lists,
> advertising viagra. I've just begun investigating. Thanks.
>
>
> https://listserv.jmu.edu/cgi-bin/wa?GETPW1=REPORT>

Sure. Just ask your potentially ballastic security engineer to try it
for himself and get back to you if there's a problem.