Newsgroups: comp.sys.atari.st Path: utzoo!utdoe!david From: david@doe.utoronto.ca (David Megginson) Subject: Re: Bye Bye BART Message-ID: <1991Feb20.142124.9964@doe.utoronto.ca> Reply-To: david@doe.utoronto.ca (David Megginson) Organization: Dictionary of Old English Project, University of Toronto Date: Wed, 20 Feb 1991 14:21:24 GMT In <1991Feb19.154407.4016@math.lsa.umich.edu>, Jon Brode writes: > In article <2798@krafla.rhi.hi.is> adamd@rhi.hi.is (Adam David) writes: > >Surely it can't > >be too difficult to rig up a "hacker-proof" mailer quota system. > > I'm open to any suggestions on how to do an automatic "hacker-proof" quota > system. The version I'm testing now closes the hole that was used, but I > still know of many easy ways to fool the quota system and no easy way to > prevent it. > Perhaps it would be a good idea to do a little monitoring. Have a kill file of accounts which are banned from BART, and a routine in the program to inform you of possible violations (ie. user names match + part of host, etc.). The possible violations list should be small (a few names every week). By looking over the list for about 5 minutes every week, you should be able to figure out who is cheating, and when you have identified a cheater, send them a canned message and add them to the kill file. This way, the computer does most of the work, but you make the final judgement. For example, since my address is david@doe.utoronto.ca you could check for 'david' and 'doe' in the quota file, and it would find variations on this. Likewise, you could have BART report unusually heavy activity from a single host (I might have more than 1 account at doe), and if it looks serious, you could check with the sysadmin to make sure everything's kosher. David -- //////////////////////////////////////////////////////////////////////// / David Megginson david@doe.utoronto.ca / / Centre for Medieval Studies meggin@vm.epas.utoronto.ca / ////////////////////////////////////////////////////////////////////////