[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: CVS webwml/english/consultants

On Mi, 21 iul 10, 20:47:44, Don Armstrong wrote:
> On Wed, 21 Jul 2010, Gerfried Fuchs wrote:
> > I mean that everyone could mail as foo@example.com - and if one is
> > out to abuse the system they definitely would choose to use
> > foo@example.com as sender address and not bar@domain.com.
> Yeah; the point here is that if someone wants to change the
> information of foo@example.com, you need to send mail to
> foo@example.com asking for confirmation (ideally with some kind of
> secret that only you and whoever reads foo@example.com would know; the
> message-id would probably be enough.)
> [Anyone can change envelope From and header From to be any value.]

I imagine some automated challenge-response could be implemented for all 
mails to consultants@d.o and similar addresses, but I lack the skills to 
work on something like that.

Offtopic discussions among Debian users and developers:

Attachment: signature.asc
Description: Digital signature

Reply to: