From owner-freebsd-security  Sun Dec 15 22:17:51 1996
Return-Path: <owner-security>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.4/8.8.4) id WAA09220
          for security-outgoing; Sun, 15 Dec 1996 22:17:51 -0800 (PST)
Received: from silver.sms.fi (root@silver.sms.fi [194.111.122.17])
          by freefall.freebsd.org (8.8.4/8.8.4) with ESMTP id WAA09212
          for <security@freebsd.org>; Sun, 15 Dec 1996 22:17:48 -0800 (PST)
Received: (from pete@localhost) by silver.sms.fi (8.7.6/8.7.3) id IAA03360; Mon, 16 Dec 1996 08:17:17 +0200 (EET)
Date: Mon, 16 Dec 1996 08:17:17 +0200 (EET)
Message-Id: <199612160617.IAA03360@silver.sms.fi>
From: Petri Helenius <pete@sms.fi>
To: Doug Kwan ~{9XUq5B~} <ctkwan@cs.hku.hk>
Cc: Cy Schubert - ITSD Open Systems Group <cschuber@uumail.gov.bc.ca>,
        security@freebsd.org
Subject: Re: mail bomb! 
In-Reply-To: <Pine.SUN.3.91.961216104517.24119A-100000@champion>
References: <199612151550.HAA14407@passer.osg.gov.bc.ca>
	<Pine.SUN.3.91.961216104517.24119A-100000@champion>
Sender: owner-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

Doug Kwan ~{9XUq5B~} writes:
 > Hi,
 > 
 > Unfortunately, that jerk uses fake e-mail address. He sent mail
 > in our support account's name. We cannot filter mails from our
 > support account.
 > 
Have you ever considered using PGP signatures to verify the
authtenticity of your postings. If the neccessity of verifying the
signature would be informed at signup time, it would be the 'user's
fault' if he/she would believe the message without verifying it.

Pete