|
 | | Re: Todd, can I have my password.
|
| (...) Like Shiri said, it was in your membership packet (which many of us have never received). Also, it would have been in the email you received after your payment was received. The email I received had the subject 'Membership Activation'. (23 years ago, 21-Jun-01, to lugnet.admin.general)
| |
|  
mail
(score: 1.117)
|
|
| | Re: E-mail authentication during posting
|
| (...) If you automate the reponse to the authentication e-mail, all I have to do is spoof your identity as Mad Hatter has done several times. Because the authentication gets sent to your email regardless of where I post from, and your response is (...) (23 years ago, 20-Jun-01, to lugnet.admin.nntp)
| |
|
mail
(score: 1.117)
|
|
| | Re: I'm back...
|
| (...) Why not do this: Shut off posting by mail completely. Let people read, but not post. Require authentication via nntp same as web (this should be simple - in fact it should be a toggle to turn it on, then an option to pull the username & (...) (23 years ago, 27-May-01, to lugnet.admin.general)
| |
|
mail
(score: 1.117)
|
|
| |
|
mail
(score: 1.117)
|
|
| | Re: Membership
|
| Hi, Todd and I intend to mail out another batch as soon as things settle down here (house is in physical transition). There's a pile of 250 or so almost ready. After that bunch, Todd would be the one to ask. I'm sorry for the long wait. -Suz (...) (23 years ago, 29-May-01, to lugnet.loc.au, lugnet.admin.general)
| |
|
mail
(score: 1.117)
|
|
| | Re: I'm back...
|
| (...) Authenticating posting means putting security against all the mechanisms used to post, nntp, mail, and web, no? It might take less time and effort to provide a way to web cancel posts if you authenticate that you are who you say you are. This (...) (23 years ago, 25-May-01, to lugnet.admin.general)
| |
|
mail
(score: 1.117)
|
|
| | Re: Problem posting from LEGO Direct account
|
| Jake, I am not Todd but I have done this myself on occasion. If your LD E-mail address is registered then you don't have to wait 24 hours. You do have to go into posting setup once to change your profile and as long as everything matches your LD (...) (23 years ago, 23-May-01, to lugnet.admin.nntp)
| |
|
mail
(score: 1.117)
|
|
| |
|
mail
(score: 1.117)
|
|
| | Re: I'm back...
|
| (...) Is the usual method easy to fake out, then? By "the usual method" I mean the system we used back when I was an undergraduate, where every post to an all-campus distribution list would cause an automated response to the originating e-mail, (...) (23 years ago, 27-May-01, to lugnet.admin.general)
| |
|
mail
(score: 1.117)
|
|
| | Re: E-mail authentication during posting
|
| (...) This would help a few (maybe a lot) more people, but some people still use mail clients which don't support HTML, so they would need a text-based solution as well. Probably better to try & get a useable text-based solution first, and add HTML (...) (23 years ago, 21-Jun-01, to lugnet.admin.nntp)
| |
|
mail
(score: 1.117)
|
|
| | Re: E-mail authentication during posting
|
| (...) Inline authentication is used with success in some mailing list packages for moderating lists, but what worries me most about inline authentication is how easy it would be to accidentally cc someone when posting via e-mail (for example, if you (...) (23 years ago, 19-Jun-01, to lugnet.admin.nntp)
| |
|
mail
(score: 1.117)
|
|
| |
|
mail
(score: 1.116)
|
|
| |
|
mail
(score: 1.116)
|
|
| | Re: E-mail authentication during posting
|
| my messages are getting lost in the verification system. i.e. I sent five messages and only got one verification request. Rose Rose "LUGNET Admin" <todd@lugnet.com> wrote in message news:GF40AG.31A@lugnet.com... (...) forged (...) authenticated (...) (23 years ago, 18-Jun-01, to lugnet.admin.nntp)
| |
|
mail
(score: 1.116)
|
|
| | Re: E-mail authentication during posting
|
| "Mark Sandlin" <sandlin@nwlink.com> wrote in message news:GF55F7.Bp4@lugnet.com... (...) I have to agree with Mark. We also post via newsreader and this new method of posting will probably drop the number of messages I post. I also have the problem (...) (23 years ago, 18-Jun-01, to lugnet.admin.nntp)
| |
|
mail
(score: 1.116)
|
|
| | Re: E-mail authentication during posting
|
| Hello Ross, hello everybody, (...) Can one of you set me straight: I assume the attacker has no access to my email account. How could he, then, automate an email reply I have to send in order to make my post valid? As for a minimum amount of (...) (23 years ago, 19-Jun-01, to lugnet.admin.nntp)
| |
|
mail
(score: 1.116)
|
|
| | Re: E-mail authentication during posting
|
| (...) A followup thought to this - provide a "confirm my posts" link to the web interface when you are logged on. This would allow use of NNTP to post (I much prefer it due to a variety of interface issues, including size of the area to type the (...) (23 years ago, 18-Jun-01, to lugnet.admin.nntp)
| |
|
mail
(score: 1.116)
|
|
| | Re: E-mail authentication during posting
|
| (...) And it'd have to be something that can't be easily automated by the poster - this defeats the scheme. I've seen some web pages which generate a bitmap containing a string which isn't easily scanned, and asks you to type the string in to (...) (23 years ago, 19-Jun-01, to lugnet.admin.nntp)
| |
|
mail
(score: 1.116)
|
|
| | Re: Identity Theft
|
| As an addendum to my prior post, I have copied the relevant portions of the LUGNET TERMS OF USE AGREEMENT (Version 1.0.1, 7 Mar 2000) here. Remember, these are the rules and standards that each and every individual posting to LUGNET agrees to abide (...) (23 years ago, 25-May-01, to lugnet.admin.terms)
| |
|
mail
(score: 1.116)
|
|
| | Identity Theft
|
| To the LUGNET membership, I have seen two blatant cases of identity theft in LUGNET newsgroups today (2001.05.24). This is in direct violation of the sections 'Acknowledgment and Acceptance of Terms of Use (6)' and 'Discussion Group Terms and (...) (23 years ago, 25-May-01, to lugnet.admin.terms) !!
| |
|
mail
(score: 1.116)
|
