 | | Re: NNTP Posting Broken?
|
|
(...) I have also posted several messages by NNTP, and I thought I had a pattern established which was confined to responses to Todd's posts (which could have been somehow tripping over the filter he put in place so his ID couldn't be hijacked), and (...) (23 years ago, 18-Jun-01, to lugnet.admin.nntp)
|
| |
| | Re: E-mail authentication during posting
|
|
BTW, I just wanted to also add that I think Todd has done a great job of finding a way to stop the recent hijacking problem, and I hope my comments don't sound like I'm moaning too much. Hopefully these discussions will bring about some new ideas on (...) (23 years ago, 18-Jun-01, to lugnet.admin.nntp)
|
| |
| | Re: E-mail authentication during posting
|
|
"Eric Kingsley" <kingsley@nelug.org> wrote in message news:GF4oDv.5ww@lugnet.com... (...) fix (...) to (...) is to (...) you (...) This new system has little benefit over the existing open one if you look at it from the view of being able to block (...) (23 years ago, 18-Jun-01, to lugnet.admin.nntp)
|
| |
| | Re: NNTP Posting Broken?
|
|
(...) I've been able to reply via NNTP - in fact, this message is sent that way! :) (...) I'm sure better solutions for SMTP/NNTP users will evolve. The web solution is still good in case you're not working in your natural environment, and as a (...) (23 years ago, 18-Jun-01, to lugnet.admin.nntp)
|
| |
| | NNTP Posting Broken?
|
|
Ok, perhaps I'm overreacting, but it seems that NNTP replying is broken. A reply to my own post seems to have just gone in the bit bucket. Hmm, I was getting authentications almost immediately, now I'm still haven't got one for a test post. Well, (...) (23 years ago, 18-Jun-01, to lugnet.admin.nntp)
|
| |
| | Re: Music in the Castle room during Brickfest
|
|
(...) Ok, I think I can respond to this after many tries. It seems that if I try and quote Todd and use his full name in the "Todd... wrote" header, my post dissapears into the bit bucket. In any case, I was going to mention that I'll be bringing a (...) (23 years ago, 18-Jun-01, to lugnet.castle.org.cw, lugnet.events.brickfest, lugnet.admin.nntp)
|
| |
| | Re: E-mail authentication during posting
|
|
(...) It's already been proven that revoking priviledges doesn't work. Whatever fix is put in needs to address the problem as much as possible before it gets to the revokation point, IMHO. Sure you can revoke an ID/password but what is to stop them (...) (23 years ago, 18-Jun-01, to lugnet.admin.nntp)
|
| |
| | Re: Test of crosspost
|
|
(...) Ok, that worked, but I still haven't received a verification message for any of the three responses I made to Todd's post in lugnet.castle.org.cw about music. (23 years ago, 18-Jun-01, to lugnet.admin.nntp)
|
| |
| | Test of crosspost
|
|
Ok, let's see if we can crosspost using NNTP. Every message which has been crossposted has gone into the bit bucket as far as I can tell. (23 years ago, 18-Jun-01, to lugnet.off-topic.test, lugnet.admin.nntp)
|
| |
| | Re: E-mail authentication during posting
|
|
(...) Do we have to worry that much about that? I think the primary concern is to have a reasonable way to block posting by unauthorized folks. If you abuse your priviledges, your NNTP ID/password would be revoked. (23 years ago, 18-Jun-01, to lugnet.admin.nntp)
|
| |
| | Re: E-mail authentication during posting
|
|
(...) It's that second part that's tricky. The first part doesn't help, because once logged in as anybody, you can post as anybody else. (23 years ago, 18-Jun-01, to lugnet.admin.nntp)
|
| |
| | Re: E-mail authentication during posting
|
|
(...) Todd, I just wanted to thank you publicly for doing this. I know its not perfect but I personally would rather live with a little inconvenience then have to deal with people stealing identities. Fortunately for me I am a member that uses the (...) (23 years ago, 18-Jun-01, to lugnet.admin.nntp)
|
| |
| | Re: E-mail authentication during posting
|
|
(...) A followup thought to this - provide a "confirm my posts" link to the web interface when you are logged on. This would allow use of NNTP to post (I much prefer it due to a variety of interface issues, including size of the area to type the (...) (23 years ago, 18-Jun-01, to lugnet.admin.nntp)
|
| |
| | Re: E-mail authentication during posting
|
|
"LUGNET Admin" <todd@lugnet.com> wrote in message news:GF4HrG.C3I@lugnet.com... (...) In that case I like Horst's idea of being able to list all posts for a user on a single page and being able to tick the ones to post, tick the ones to delete, and (...) (23 years ago, 18-Jun-01, to lugnet.admin.nntp)
|
| |
| | Re: E-mail authentication during posting
|
|
(...) A public news server that I use allows people to connect and read messages freely, but requires a username/password to post, so it shouldn't be unfeasible to do that here. You'd still need to do some additional checking to ensure the username (...) (23 years ago, 18-Jun-01, to lugnet.admin.nntp)
|
| |
| | Re: E-mail authentication during posting
|
|
(...) I was wondering about that, but how do you avoid things like bad vacation programs or other auto-responders, or people who just hit Reply and scream back some curses? :) I suppose it could work if you had to reply AND put, say, an 'x' into a (...) (23 years ago, 18-Jun-01, to lugnet.admin.nntp)
|
| |
| | Re: E-mail authentication during posting
|
|
(...) This was talked about a couple weeks ago already, actually, and I don't really think it's a workable option, unfortunately. -- Todd S. Lehman | LUGNET Admin <todd@lugnet.com> (23 years ago, 18-Jun-01, to lugnet.admin.nntp)
|
| |
| | Re: E-mail authentication during posting
|
|
(...) As far as I'm aware, zero. NNTP doesn't do authentication -- it does authorization. That is, if you're authorized to post to the server (after giving your username/password), you can still forge messages in anyone's name. Some server hacks (...) (23 years ago, 18-Jun-01, to lugnet.admin.nntp)
|
| |
| | Re: E-mail authentication during posting
|
|
First of all, thanks for putting in a quick fix. This should defenitly work, now we just need to figure out a way to make it easier :) In lugnet.admin.nntp, Horst Lehner writes: \>Also, PGP encryption could potentially be used to offer a totally (...) (23 years ago, 18-Jun-01, to lugnet.admin.nntp)
|
| |
| | Re: E-mail authentication during posting
|
|
(...) Good work, Todd. As I use the web interface this doesn't affect me much at all. I understand the issues raised by some who do not use the web interface, and I'm sure you'll work with them as much as possible/feasible to address their concerns, (...) (23 years ago, 18-Jun-01, to lugnet.admin.nntp)
|
