On 2004-03-23, Bruce Richardson <itsbruce@???> wrote:
> You're coming at this from the wrong direction. They don't need to know
> anybody else's password, just their e-mail address. Then they can
> authenticate as themselves but send e-mail as someone else.
That's cured by -
* Encouraging the use of strong cryptography (pgp / gnupg) among your users
* Finding the forger (typically quite easy if you look at headers and logs) and
throwing him out on his ass.
srs
--
linux@??? (Suresh Ramasubramanian)
jaharkes@ravel:/usr/src$ mv linux Gnu/Linux
mv: cannot move `linux' to `Gnu/Linux': No such file or directory
jaharkes @ cs.cmu.edu in reply to RMS on linux.kernel