Fidonet Portal






From: Richard Webb (1:116/901)
To: All
Date: Sat, 22.09.12 23:13
jNode Project
On Sat 2012-Sep-22 19:12, Bj/rn Felten (2:203/2) wrote to Michiel van der
Vlist:

MvdV> Have you forgotten that I got a mail bomb in April this year? I wrote an
MvdV> article about it...

BF> No, of course I haven't. But session passwords can not prevent
BF> that from happening. I'm an NC as well as an RC, and I'm not in Z1
BF> Smile , so I must accept incoming mail from any system.

Might be true, but depending on the mail processor you use
you can set it up so that no archives will be unpacked. raw
.pkt files containing netmail only will be tossed. My
sop has always been that I do the three tiered security
scheme. tHose not in my nodelist or in the nodelist but not secured sessions
won't have their bundles unpacked, nor
echomail be tossed anywhere but bad mail. Raw pkt files
containing netmail will be tossed appropriately.

An nc can still accept mail from anyone using this scheme as he/she is supposed
to, but the security scheme will keep a
mail bomb from being unarchived. The nc can then look at
the unprocessed archive at leisure. Being an nc doesn't
require you to compromise your security if you think about
it, and use software which can implement a decent security
scheme in the first place.

Regards,
Richard
---
* Origin: (1:116/901)

ABOUT

This forum contains echomail areas hosted on Nightmare BBS You can browse local echomail areas, italian fidonet areas and a selection of international fidonet areas, reading messages posted by users in Nightmare BBS or even other BBSs all over the world. You can find file areas too (functional to fidonet technology). You can browse echomail areas and download files with no registration, but if you want to write messages in echomail areas, or use fidonet netmail (private messages with fidomet technology), you have to register. Only a minimal set of data is required, functional to echomail and netmail usage (name, password, email); a registration and login with facebook is provided too, to allow easy registration. If you won't follow rules (each echomail areas has its own, regularly posted in the echomail), your account may be suspended;

CONTACT