Subj : Pssword ord ord case insensitive or not? To : Oli From : mark lewis Date : Wed Apr 22 2020 15:57:16 Re: Pssword ord ord case insensitive or not? By: Oli to Alan Ianson on Wed Apr 22 2020 21:37:31 Oli> I wonder why we still use packet passwords. at one time, fidonet has had some folks that like to ""play games""... one of their games was to take messages from another (adult-oriented) network, replace their headers with message headers from legitimate fidonet messages, and then drop those bogus messages off in unsuspecting systems inbounds... they generally used someone else's node number for these injections... at that time, packet passwords were not as widely used and figuring out how to get a system's session password was (and still is) fairly easy to do... one of the suspected goals of these pranksters(??) was to try to increase security in fidonet... so the victim systems, saw the mail from a supposedly legitimate link and tossed it... the result was chaos... Oli> Why not create a inbound filebox for every node/point that calls Oli> and rely on the session password? two layers of protection are better than one... at least, that's the current thought... witness today's internet logins using a password as well as an authentication token sent via SMS or similar... Oli> Is there any (open source) mailer or tosser that support inbound Oli> fileboxes? binkd supports inbound fileboxes... i'm not sure about tossers, though... when i was using inbound fileboxes on my previous system, i had a script that located inbound traffic in the inbound fileboxes and moved it to a central processing directory where the tosser could find it... in addition to moving the traffic, the script did some additional processing to attempt to validate the traffic as being authentic before the tosser was allowed to process it... the traffic was also archived for later analysis if needed... it wasn't really pretty but it worked ;) )\/(ark --- SBBSecho 3.10-Linux * Origin: SouthEast Star Mail HUB - SESTAR (1:3634/12) .