On Fri, 2001-12-21 at 22:46, Dan Drake wrote: > One thing about which I'm concerned is poisoning the razor system. > Based on some goofing around, it seems that the signature that razor > computes is based only on the body of the message. What's to prevent > someone from submitting, say, a TCLUG message to the razor system, > preventing other razor-using TCLUG members from seeing the message? I _believe_ the signature is based on the entire mail and not just the headers. So it wouldn't stop you from getting another mail from a given poster, but it will prevent you from getting the same mail again. So the way it works is that the first person to submit a signature for say....a toner spam.... would prevent any other razor-check users from getting that particular spam. Since all the posts to the list are "new" or should be, this shouldn't cause a problem since theoretically we should all get the mail at approximately the same time (barring one of Bob's wicked LKML injections, or your ISP's mailserver downtime) -- Ben Lutgens Sistina Software Inc. Kernel panic: I have no root and I want to scream -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 232 bytes Desc: not available Url : http://shadowknight.real-time.com/pipermail/tclug-list/attachments/20011223/04a81357/attachment.pgp