replace From: with contents of authinfo?

bill davidsen davidsen at tmr.com
Wed Jul 31 15:37:27 UTC 2002


In article <Pine.LNX.4.44.0207301436510.17358-100000 at sasami.anime.net>,
Dan Hollis  <goemon at anime.net> wrote:
| 
| Anyone have a patch so that nnrpd will replace the contents of 
| client-submitted "From:" with the username authenticated from authinfo? Or 
| something to add an "X-Authenticated-Username: blabla" ?

This is being discussed with great heat in another forum, and most
of the participants, mostly experienced admins, seem to feel that this
is a violation of privacy.

If you are doing this to track actual senders, there are better ways,
logs (possibly written by your posting filter) among them. Putting a
real-id in a post is a pretty draconian thing to do. Some sites put a
uniqueue encrypted info string in the post which only they can read, but
it's not in any way clear text, and not uniqueue to every poster.

If you don't like the from line, refuse the post, don't put what might
be personal information in its place. It's fine to have a policy
requiring true names, you can accomplish that by rejecting posts.
-- 
bill davidsen <davidsen at tmr.com>
  CTO, TMR Associates, Inc
Doing interesting things with little computers since 1979.


More information about the inn-workers mailing list