Anonymous code name allocated. // penet hack
Robert A. Hayden
hayden at vorlon.mankato.msus.edu
Tue Aug 2 17:33:26 PDT 1994
On Tue, 2 Aug 1994, L. Todd Masco wrote:
> Doug Cutrell writes:
> > I'd like to understand what Todd's "hack" means... I assume that he's
> > talking about telnetting to the sendmail port. But I thought that anyone
> > could unsubscribe anyone from cypherpunks by simply sending a message with:
> >
> > unsubscribe cypherpunks obnoxious at jerk.com
> >
> > It isn't even necessary to forge the return address, because majordomo
> > doesn't check. I just pulled majordomo's help file. It's appended below.
>
> In my experience, listservers will clear any commands that don't come from
> the person affected by passing them on for processing by the list
> maintainer as a security precaution. I had assumed majordomo
> did this, but I'm not certain.
NOTE: all versions of majordomo do not permit this. I know that for the
majordomo lists I run, it does do some internal checking to see that the
address that mailed the unsubscribe command matches the one in the
subscription roles, and if it doesn't, it forwards that message to the
majordmo-owner address to be dealt with.
BUT, you can turn off this 'feature' and have majordomo automatically
recognize and execute all commands pertaining to that list.
____ Robert A. Hayden <=> hayden at vorlon.mankato.msus.edu
\ /__ -=-=-=-=- <=> -=-=-=-=-
\/ / Finger for Geek Code Info <=> I do not necessarily speak for the
\/ Finger for PGP Public Key <=> City of Mankato or anyone else, dammit
-=-=-=-=-=-=-=-
(GEEK CODE 2.1) GJ/CM d- H-- s-:++>s-:+ g+ p? au+ a- w++ v* C++(++++) UL++++$
P+>++ L++$ 3- E---- N+++ K+++ W M+ V-- -po+(---)>$ Y++ t+ 5+++
j R+++$ G- tv+ b+ D+ B--- e+>++(*) u** h* f r-->+++ !n y++**
More information about the cypherpunks-legacy
mailing list