 | | Re: E-mail authentication during posting
|
|
Hi Todd - I'd also like to thank you for this. Now LUGNET is more secure. I do want to continue to voice the concerns a few others have had here though. I also use a newsreader 90% of the time to post, and its an inconvenience. It would be great if (...) (23 years ago, 19-Jun-01, to lugnet.admin.nntp)
|
| |
| | Re: E-mail authentication during posting
|
|
(...) I think that's a concern we all share, including Todd. I know that he has been very concerned about that every time the issue has come up in the past. What we have to do is work towards a system which is as painless as possible, which does not (...) (23 years ago, 19-Jun-01, to lugnet.admin.nntp)
|
| |
| | Re: E-mail authentication during posting
|
|
(...) It would be nice if each NNTP message could carry its own authentication in some simple software-independent solution. One way that might work (for LUGnet members anyway) would be to search the message body for the string (say): (...) (23 years ago, 19-Jun-01, to lugnet.admin.nntp)
|
| |
| | Re: E-mail authentication during posting
|
|
"Kerry Raymond" <kerry@dstc.edu.au> wrote in message news:GF5uAo.5x1@lugnet.com... (...) in (...) That's quite a neat idea, but as you say prone to risk of revealing the password. I still think that using NNTP authentication will work, esp. if it (...) (23 years ago, 19-Jun-01, to lugnet.admin.nntp)
|
| |
| | Re: E-mail authentication during posting
|
|
(...) Some tricks could be played to make it more secure. One would be to scan the message for the user's password and if it found it, but it didn't seem to be part of an authenticator, bounce the message. It could also use a fuzzy match for the (...) (23 years ago, 19-Jun-01, to lugnet.admin.nntp)
|
| |
| | Re: E-mail authentication during posting
|
|
(...) you can't have the server scan for the users password in the message, since passwords arn't usually saved anywhere on the server at all. So to check for the password, each word, or combination of chars actually (since space can be part of the (...) (23 years ago, 19-Jun-01, to lugnet.admin.nntp)
|
| |
| | Re: E-mail authentication during posting
|
|
(...) Inline authentication is used with success in some mailing list packages for moderating lists, but what worries me most about inline authentication is how easy it would be to accidentally cc someone when posting via e-mail (for example, if you (...) (23 years ago, 19-Jun-01, to lugnet.admin.nntp)
|
| |
| | Re: E-mail authentication during posting
|
|
Hello Todd, hello everybody, (...) ^^^...^^^ Or if someone is using Outlook Express, which unfortunately defaults to email response when hitting "reply" in the toolbar ... :-( I have been following the discussion about inline authentication for a (...) (23 years ago, 20-Jun-01, to lugnet.admin.nntp)
|
