Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!utgpu!water!watnot!watmath!clyde!rutgers!sri-spam!ames!ptsfa!ihnp4!drutx!druhi!clive
From: clive@druhi.UUCP
Newsgroups: comp.unix.questions
Subject: Re: Why can't mail have unpost command
Message-ID: <1712@druhi.UUCP>
Date: Tue, 24-Feb-87 03:37:48 EST
Article-I.D.: druhi.1712
Posted: Tue Feb 24 03:37:48 1987
Date-Received: Fri, 27-Feb-87 22:27:30 EST
References: <1850@cit-vax.Caltech.Edu>
Organization: resident visitor
Lines: 30

in article <1850@cit-vax.Caltech.Edu>, trent@cit-vax.Caltech.Edu (Ray Trent) says:
[...]
> Tell me, how do you prevent someone from simply coming in and 'canceling'
> someone else's mail, reading the return copy, and resending it? That is,
> unless you want to rewrite mail to pass along a password or something. 
[...]

Well, I think you certainly have a point worth looking into, Ray.

Let's consider.  On a given machine, there will be only one user with a
given (usable->first in /etc/passwd) userid.  And no (non-root) way to
fake one.

Also, mail headers contain this information, in the path from which the 
mail came.

Further, we already have server access control, in the current way
mail works.

It seems to me then, that a simple addition to the server can
easily and securely know which pieces of mail, if any, a given
(local or remote) requester deserves to cancel.

And that no one can beat this, unless they have root (or mail) 
privileges, and furthermore, on the recipient's machine.

It's late, so maybe I'm wrong.  What do you think?


Clive