replace From: with contents of authinfo?
Divya.Sundaram at motorola.com
Wed Jul 31 16:09:55 UTC 2002
To put my two cents in, I support the replacing of From lines
with Authenticated sender info for "private"/"internal"
newsgroups, but not for public Usenet groups.
From: davidsen at tmr.com [mailto:davidsen at tmr.com]
Sent: Wednesday, July 31, 2002 10:37 AM
To: inn-workers at isc.org
Subject: Re: replace From: with contents of authinfo?
In article <Pine.LNX.4.44.0207301436510.17358-100000 at sasami.anime.net>,
Dan Hollis <goemon at anime.net> wrote:
| Anyone have a patch so that nnrpd will replace the contents of
| client-submitted "From:" with the username authenticated from authinfo? Or
| something to add an "X-Authenticated-Username: blabla" ?
This is being discussed with great heat in another forum, and most
of the participants, mostly experienced admins, seem to feel that this
is a violation of privacy.
If you are doing this to track actual senders, there are better ways,
logs (possibly written by your posting filter) among them. Putting a
real-id in a post is a pretty draconian thing to do. Some sites put a
uniqueue encrypted info string in the post which only they can read, but
it's not in any way clear text, and not uniqueue to every poster.
If you don't like the from line, refuse the post, don't put what might
be personal information in its place. It's fine to have a policy
requiring true names, you can accomplish that by rejecting posts.
bill davidsen <davidsen at tmr.com>
CTO, TMR Associates, Inc
Doing interesting things with little computers since 1979.
More information about the inn-workers