On Tue, 2 Aug 1994, L. Todd Masco wrote:

Doug Cutrell writes:

...

I'd like to understand what Todd's "hack" means... I assume that he's talking about telnetting to the sendmail port. But I thought that anyone could unsubscribe anyone from cypherpunks by simply sending a message with:

unsubscribe cypherpunks obnoxious@jerk.com

It isn't even necessary to forge the return address, because majordomo doesn't check. I just pulled majordomo's help file. It's appended below.

In my experience, listservers will clear any commands that don't come from the person affected by passing them on for processing by the list maintainer as a security precaution. I had assumed majordomo did this, but I'm not certain.

NOTE: all versions of majordomo do not permit this. I know that for the majordomo lists I run, it does do some internal checking to see that the address that mailed the unsubscribe command matches the one in the subscription roles, and if it doesn't, it forwards that message to the majordmo-owner address to be dealt with. BUT, you can turn off this 'feature' and have majordomo automatically recognize and execute all commands pertaining to that list. ____ Robert A. Hayden <=> hayden@vorlon.mankato.msus.edu \ /__ -=-=-=-=- <=> -=-=-=-=- \/ / Finger for Geek Code Info <=> I do not necessarily speak for the \/ Finger for PGP Public Key <=> City of Mankato or anyone else, dammit -=-=-=-=-=-=-=- (GEEK CODE 2.1) GJ/CM d- H-- s-:++>s-:+ g+ p? au+ a- w++ v* C++(++++) UL++++$ P+>++ L++$ 3- E---- N+++ K+++ W M+ V-- -po+(---)>$ Y++ t+ 5+++ j R+++$ G- tv+ b+ D+ B--- e+>++(*) u** h* f r-->+++ !n y++**