abusive changes of person handles (protect your maintainer!)
Wilfried Woeber, UniVie/ACOnet woeber at cc.univie.ac.at
Fri Nov 19 13:31:23 CET 1999
Hi Joao! >There are two issues here: >- The use of very weak protection methods (NONE and MAIL-FROM) (see *). wrt the "see *": I think they do have a point in principle. In reality (for many individuals, I suppose :-) it's still more staright-forward to fake a mail-from header than reverse-engineer a crypted password string in itself. However, given the fact that many operatinal environments these days require mail to be shipped multi-hop, the risk of disclosing the (clear text) password is greater than we might want to believe... >Would the community see this change in behaviour as a good thing? Definitely! Wilfried.
[ db-wg Archives ]