[cryptography] Reply-To header (Was: Non-governmental exploitation of crypto flaws?)
lloyd at randombit.net
Mon Nov 28 21:33:23 EST 2011
On Mon, Nov 28, 2011 at 08:40:45PM -0500, Steven Bellovin wrote:
> On Nov 28, 2011, at 8:03 PM, Nico Williams wrote:
> > The list is configured to set Reply-To. This is bad, and in some
> > cases has had humorous results. I recommend the list owners change
> > this ASAP.
> Agree, strongly. The mailman documentation agrees with us. I'm on the
> verge of unsubscribing on the grounds that the list is a privacy violation
> in action.
I've flipped that switch in mailman. I was not aware this was a
contentious issue. Mutt asks if I want to reply to sender or list
regardless, with the default being one or the other depending on the
list's setting. I didn't consider other mailers might not behave this
For future reference, complaints about list management (such as it is)
are best sent to me directly (or at least CC'ed) as I really don't
read every post.
More information about the cryptography