[3304] in WWW Security List Archive
Re: you creeps
daemon@ATHENA.MIT.EDU (Robert P Cunningham)
Sat Oct 19 17:10:59 1996
Date: Sat, 19 Oct 96 09:16 WET
From: bob@lava.net (Robert P Cunningham)
To: rkt@poboxes.com, Www-Security@ns2.rutgers.edu
Errors-To: owner-www-security@ns2.rutgers.edu
>>In the long run, the solution is an intelligent mailbox and mail
>>signing (ala PGP)....
>I like the idea of the remailer to be configured to reject mail from
>people who are not on the list.
Not sufficient. It's almost as easy to subscribe with a bogus
address as to just send a bogus message.
What's necessary is to 1) require a registered key certificate when
subscribing; 2) remail only signed messages.
