home *** CD-ROM | disk | FTP | other *** search
- Path: sparky!uunet!sun-barr!cs.utexas.edu!sdd.hp.com!zaphod.mps.ohio-state.edu!uwm.edu!ogicse!das-news.harvard.edu!endor!adam
- From: adam@endor.uucp (Adam Shostack)
- Newsgroups: comp.mail.elm
- Subject: Re: elm wish list
- Message-ID: <1992Nov9.181437.13002@das.harvard.edu>
- Date: 9 Nov 92 18:14:37 GMT
- Article-I.D.: das.1992Nov9.181437.13002
- References: <1992Nov5.023642.5435@DSI.COM> <Bx9GEr.C5M@ars2.uucp> <syscrc.721158601@gsusgi1.gsu.edu>
- Sender: usenet@das.harvard.edu (Network News)
- Organization: Aiken Computation Lab, Harvard University
- Lines: 25
-
- In article <syscrc.721158601@gsusgi1.gsu.edu> syscrc@pickle.gsu.edu (Randy Carpenter) writes:
- >briank@ars2.uucp (D. Brian Kimmel) writes:
-
- >>I think that this feature would be a valuable addition to elm.
- >>A *reply* to mail aliased into your mailbox could build the
- >>From: line from the received To: line and build a Sender: line
- >>as the current From: line is being constructed. This would
- >>only occur if the users LOGNAME is not part of the To: field.
-
- >Wouldn't this suggested feature allow allow an e-mail security hole? For
- >example, a bad guy could type in a fake letter complete with headers from
- >another person (i.e. a fake "To:" line). Let's say he uses "To: root".
- >Then, store it in a folder, reply to it and Elm would put "From: root" in
- >the headers?
-
- Well, since there are other easy ways to fake mail from root, I don't
- think that this is really too much of a worry.
-
- Adam
-
-
- Adam Shostack adam@das.harvard.edu
-
- What a terrible thing to have lost one's .sig. Or not to have a .sig
- at all because of elections. How true that is.
-
