Newsgroups: comp.sys.atari.st
Path: utzoo!utdoe!david
From: david@doe.utoronto.ca (David Megginson)
Subject: Re: Bye Bye BART
Message-ID: <1991Feb20.142124.9964@doe.utoronto.ca>
Reply-To: david@doe.utoronto.ca (David Megginson)
Organization: Dictionary of Old English Project, University of Toronto
Date: Wed, 20 Feb 1991 14:21:24 GMT


In <1991Feb19.154407.4016@math.lsa.umich.edu>, Jon Brode writes:
> In article <2798@krafla.rhi.hi.is> adamd@rhi.hi.is (Adam David) writes:
> >Surely it can't
> >be too difficult to rig up a "hacker-proof" mailer quota system.
> 
> I'm open to any suggestions on how to do an automatic "hacker-proof" quota
> system. The version I'm testing now closes the hole that was used, but I
> still know of many easy ways to fool the quota system and no easy way to
> prevent it.
> 

Perhaps it would be a good idea to do a little monitoring. Have a kill
file of accounts which are banned from BART, and a routine in the
program to inform you of possible violations (ie. user names match +
part of host, etc.). The possible violations list should be small (a few
names every week). By looking over the list for about 5 minutes every
week, you should be able to figure out who is cheating, and when you
have identified a cheater, send them a canned message and add them to
the kill file. This way, the computer does most of the work, but you
make the final judgement. For example, since my address is

	david@doe.utoronto.ca

you could check for 'david' and 'doe' in the quota file, and it would
find variations on this. Likewise, you could have BART report unusually
heavy activity from a single host (I might have more than 1 account at
doe), and if it looks serious, you could check with the sysadmin to
make sure everything's kosher.


David


-- 
////////////////////////////////////////////////////////////////////////
/  David Megginson                      david@doe.utoronto.ca          /
/  Centre for Medieval Studies          meggin@vm.epas.utoronto.ca     /
////////////////////////////////////////////////////////////////////////
