Those "cookies" will have to be signed to be considered for serious use.
Otherwise some (you all know who I'm referring to) may see it as looophole
and forge the cookies (even if user did not send them) to effect mail
routing or how the email is interpreted at recepient end..
I do see this kind of "cookie" mechanism as interesting idea though, not just
to be returned back to the sender to identify thread but to establish trust
relationship between users (whitelists of some kind) and digital record
of such "relationship" as well as for possible statistical use, for
marketing purposes to allow to measure and properly direct response and
for number of other reasons I can't immediatly see.
There may also be some use for non-returnable cookies (ok, maybe its not a
cookie any more then) to allow sender to push to recepient certain parameters
that would stay at recepient end and may be later reused for when additional
emails are received from the same user. However the kind of parameters
would have to be pretty well defined then ...
On Thu, 12 Feb 2004, Hadmut Danisch wrote:
On Thu, Feb 12, 2004 at 02:13:56PM +0000, John Berthels wrote:
If I understand correctly, you intend the cookie as a (semi-permanent)
instruction to the recipient's MUA to include the cookie in mails to your
address and/or your domain, in order to help "file" the response
efficiently at your end.
Yes, exactly. :-)
I can see some potential use in this, but wouldn't it be better to have a
method to instruct your local mail system to perform the same filing
actions on all email from that particular address? Particularly since the
recipient may change MUA?
Have I understood correctly? Would address filtering give you what you
expect to get from such a cookie?
You understood perfectly what I want to do. :-)
But address filtering would not do the same for some reasons:
- The mail address is not secret. As long as we don't have a
spoofing protection, anyone can fake it. E.g. if this is used
to give you posting access to a mailing list, anyone would
know your e-mail address, but you would know the cookie only.
- At least the german privacy laws do not allow to have databases
of individual data - such as e-mail addresses - under all