A few others have responded on this issue, but I feel it appropriate that I ought to address some of the issues raised here: [suggestion that the LWGate is the cause of the recent subscription spam deleted] ... > When I looked at the page a month or so ago, it would only allow subscriptions > to a selected list of lists but I would not be surprised if someone could > discover a workaround to that or perhaps the program was altered to allow > subscription to any list. The LWGate will only allow subscriptions for lists which are entered into the script's database. There is no "workaround" for this. When the script receives input, it sees what mailing list it is for (as sent by the client) and then sees where commands ought to be sent for that mailing list (from a server-only-visible database) before sending email on its way. If the client sends an unknown list (i.e. the user is editing the form and spoofing the input), the script will not find the list and return an error. Since the source is freely available, it could be altered to provide subscription services for any list. While I don't think that would be a good thing, anyone who wanted to accomplish this goal really ought not need to see the results of my mediocre coding knowledge. > The most scary part of the page was that it asked the user for their email > address. This is also the case with many mail packages today (e.g. Eudora or even Netscape). As Peter has mentioned, this is an inherent limitation of Internet e-mail; SMTP mail has no provision for authenticating the originator of the email. The LWGate does nothing more than what someone with a copy of Eudora, or Telnet and the SMTP RFC, could do. > I hope this helps and I *do* apologize to David Baker if he feels I've > maligned his work on the LISTSERV gateway, but this seems a puzzle that few > have ideas about so I hope you forgive my rambling. Well, no I don't feel maligned, but I certainly know many instances of flame wars starting for less. If you really thought that this was a concern, why didn't you mail me first? If you had been reading this list for the past 6 months (or even went to the LSTOWN-L archives), you would have realized that from the start of this project, I have solicited the comments and aid of the readership of this mailing list, and I have purposefully designed the LWGate both in light of the points raised and in my experience as a List Owner. If anyone has concerns about the operation of my LWGate, I am quite happy to discuss them. However, I would appreciate a chance to address these concerns before something inflammatory as this is posted. My email address is available on every page created by the LWGate, and I welcome comments from all. Thanks, David W. Baker P.S. In a problem unrelated to LISTSERV, the NetSpace WWW server has been down. The sysadmins are working on fixing the problem, and once it's back up, you can see more about it at <URL:http://www.netspace.org/users/dwb/lwgate.html>. David W. Baker | [log in to unmask] | <URL:http://www.netspace.org/users/dwb/>