I am not a computer system person by training but there is something that has
bugged me that I thought I would bring up to this group. I apologize if it
has arisen here before.
Our system is using Listprocessor-Version: 6.0 -- ListProcessor by Anastasios
Kotsikonas. When a new user subscribes, it tells the subscriber to change
their password. (The password enables them to change their address to a new
one by sending listproc a command.) The listproc then sends verification of
the changed password to both the subscriber and to the list manager (myself).
I can't help but believe this is a security hole. If others are like me,
they use only one or two passwords for all the systems they access. The way
Listproc *announces* their new password to me when it is reset and then
stores it in a file unencrypted seems like asking for trouble.
Paul Kleeberg, M.D. | Paul @
Family Practice | Paul @
1415 N Washington Ave, #502 | Voice: 507-931-9046
St. Peter, Minnesota 56082 USA | Fax: 507-931-6752