|
 | | Re: E-mail authentication during posting
|
| First of all, thanks for putting in a quick fix. This should defenitly work, now we just need to figure out a way to make it easier :) In lugnet.admin.nntp, Horst Lehner writes: \>Also, PGP encryption could potentially be used to offer a totally (...) (23 years ago, 18-Jun-01, to lugnet.admin.nntp)
| |
|  
mail
(score: 1.116)
|
|
| |
|
mail
(score: 1.116)
|
|
| | Re: E-mail authentication during posting
|
| This is really annoying and is impacting my posting frequency. Since I use a cable modem, I'm always posting from the same IP address. Is there any way to enter an IP address as "authorized" to be myself? If that won't work, how about making it so (...) (23 years ago, 19-Jun-01, to lugnet.admin.nntp)
| |
|
mail
(score: 1.116)
|
|
| |
|
mail
(score: 1.116)
|
|
| |
|
mail
(score: 1.116)
|
|
| | Re: E-mail authentication during posting
|
| (...) Good work, Todd. As I use the web interface this doesn't affect me much at all. I understand the issues raised by some who do not use the web interface, and I'm sure you'll work with them as much as possible/feasible to address their concerns, (...) (23 years ago, 18-Jun-01, to lugnet.admin.nntp)
| |
|
mail
(score: 1.116)
|
|
| | Re: E-mail authentication during posting
|
| (...) As far as I'm aware, zero. NNTP doesn't do authentication -- it does authorization. That is, if you're authorized to post to the server (after giving your username/password), you can still forge messages in anyone's name. Some server hacks (...) (23 years ago, 18-Jun-01, to lugnet.admin.nntp)
| |
|
mail
(score: 1.116)
|
|
| |
|
mail
(score: 1.116)
|
|
| | Re: E-mail authentication during posting
|
| (...) I was wondering about that, but how do you avoid things like bad vacation programs or other auto-responders, or people who just hit Reply and scream back some curses? :) I suppose it could work if you had to reply AND put, say, an 'x' into a (...) (23 years ago, 18-Jun-01, to lugnet.admin.nntp)
| |
|
mail
(score: 1.116)
|
|
| | Re: E-mail authentication during posting
|
| (...) Todd, I just wanted to thank you publicly for doing this. I know its not perfect but I personally would rather live with a little inconvenience then have to deal with people stealing identities. Fortunately for me I am a member that uses the (...) (23 years ago, 18-Jun-01, to lugnet.admin.nntp)
| |
|
mail
(score: 1.116)
|
|
| |
|
mail
(score: 1.116)
|
|
| | Re: E-mail authentication during posting
|
| (...) Do we have to worry that much about that? I think the primary concern is to have a reasonable way to block posting by unauthorized folks. If you abuse your priviledges, your NNTP ID/password would be revoked. (23 years ago, 18-Jun-01, to lugnet.admin.nntp)
| |
|
mail
(score: 1.116)
|
|
| | Re: E-mail authentication during posting
|
| (...) It's already been proven that revoking priviledges doesn't work. Whatever fix is put in needs to address the problem as much as possible before it gets to the revokation point, IMHO. Sure you can revoke an ID/password but what is to stop them (...) (23 years ago, 18-Jun-01, to lugnet.admin.nntp)
| |
|
mail
(score: 1.116)
|
|
| |
|
mail
(score: 1.116)
|
|
| |
|
mail
(score: 1.116)
|
|
| | Re: E-mail authentication during posting
|
| Well, I understand the problem, but also see another one with this. For people personally paying for their bandwith it will just be even more expensive. I tested only one message now, but how about checking several messages at once? Or a better (...) (23 years ago, 18-Jun-01, to lugnet.admin.nntp, lugnet.general)
| |
|
mail
(score: 1.116)
|
|
| | Re: E-mail authentication during posting
|
| Hi Todd, I understand the reasons for doing this, but unfortunately, I used a newsreader to check LUGNet. Now if I want to post, I'll have to go to my browser, look up the newsgroup, find the message I want to respond to, and then post. Needless to (...) (23 years ago, 18-Jun-01, to lugnet.admin.nntp)
| |
|
mail
(score: 1.116)
|
|
| |
|
mail
(score: 1.116)
|
|
| |
|
mail
(score: 1.116)
|
|
| | Re: E-mail authentication during posting
|
| (...) Wouldn't that allow a determined spoofer to wait till it was obvious that someone known to be a member was logged in (say if he saw a flurry of posts from you in .pirate within a few min of each other) and then spoof as you, at least as long (...) (23 years ago, 18-Jun-01, to lugnet.admin.nntp)
| |
|
mail
(score: 1.116)
|
