Great Circle Associates List-Managers
(January 2001)
 

Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]

Subject: Using who/review to check server security
From: "Richard Vandenberg" <list-admin @ vansys . com>
Date: Wed, 3 Jan 2001 16:10:56 -0800
To: "list-managers @ GreatCircle . COM" <list-managers @ GreatCircle . COM>
Importance: Normal

I've started running some tests that have apparently pi**ed off a couple of
folks. It's been a while since I've followed discussions related to the
'who' command and it's equivalents, so forgive me if this has been brought
up recently.

Here's the scoop: We shut off our 'who' command years ago, to ensure
spammers didn't grab our lists. But that still hasn't helped us keep our own
email addresses under control, because there are lots of servers that still
leave 'who' enabled.

So we instituted a little policy that prior to subscribing to a list, we'd
have a little probe of the server to see if the 'who'/'review'/whatever
command was disabled or not. If it's not disabled, we either choose not to
subscribe, or we use a couple of shared-office addresses that we have some
filters on.

I don't see anything wrong with what we're doing, although I can see why it
might raise some concerns. I think that any potential subscriber/customer is
entitled to test a mailing list's security prior to subscribing.

Any comments?

Rick






Follow-Ups:
Indexed By Date Previous:
From: (nil)
Next: Re: Using who/review to check server security
From: "24-7 Lists" <listaddict @ 247computing . com>
Indexed By Thread Previous:
From: (nil)
Next: Re: Using who/review to check server security
From: "24-7 Lists" <listaddict @ 247computing . com>

Google
 
Search Internet Search www.greatcircle.com