Path: utzoo!attcan!uunet!husc6!mailrus!ncar!boulder!gore!jacob
From: jacob@gore.com (Jacob Gore)
Newsgroups: comp.protocols.tcp-ip
Subject: Re: trash message from usenet (BIFF)
Message-ID: <670006@gore.com>
Date: 2 Jun 90 05:21:22 GMT
References: <9006011556.AA23309@sonny.proteon.com>
Reply-To: jacob@gore.com (Jacob Gore)
Organization: Gore Enterprises
Lines: 45

/ comp.protocols.tcp-ip / jas@proteon.com (John A. Shriver) / Jun  1, 1990 /
> I'd rather the "gateways" be made one
> way (out from Internet only), or even non-existent. [...]
> I realize that this would deny netnews/uucp only sites access to the
> Internet mailing lists,

You should also realize that this would deny people on the Internet mailing
list contributions from Usenet users.

> but if their umbrella organization (usenet)

It's not an organization.  It's a community.

> cannot maintain professional standards of behavior, then that is their
> loss.

Ah, I see.  Not your loss.  All the important people are on the mailing lists.

>  By implementing a system without accountability, they create
> that risk.

True.  Funny thing, though: this is what a lot of VMS/DECNET buffs were
saying about the Internet after the Morris Worm.  Until the DECNET worm a
few months later, that is...

> I (and others) would welcome netnews being made properly accountable
> and secure.

Certainly.

But what's so special about mailing lists?  It IS easy to fake Usenet
messages; but are you saying that it's hard to fake messages sent to a
mailing list?

> not building the Received: lines may make netnews
> more efficient, but this removes all vestiges of accountability.  This
> is a key problem.

One can start a mail message with a fake sequence of "Received:" lines just
as easily as starting a Usenet message with a fake "Path:" line (which is
what the cowabanga bozo did).

Jacob
--
Jacob Gore		Jacob@Gore.Com			boulder!gore!jacob