Yeah, I was thinking much the same thing recently. The real problem though,
is not the fact that we have HTML mail, but that images embedded in HTML
mail are sourced from a web site, and that the web site catalogs what images
are accessed, therefore showing which email addresses are active. And your
suggestion that we have no images in email... well, can you imagine what the
public outcry would be against that? Joe Sixpack wants his images, and so do
various e-tailors like barnes and noble, amazon, etc.
A better idea would probably be to include the images inside the email as an
attachment, as you suggested.
I was thinking though, what about a whole new page description language?
HTML has always seemed a bit wasteful to me, since you have to go explicitly
set values like SRC, HREF, etc. What about something like <b14i>NARF</>,
where the first character in the opening tag represents the color (bLUE),
the next two the text size (14), the next character the font weight
(iTALIC)?
Interesting line of thinking. I'd love to see this thread end up to becoming
a project.....
-Vinny
----- Original Message -----
From: "Denny Figuerres" <denny(_at_)figuerres(_dot_)com>
To: "'ASRG'" <asrg(_at_)ietf(_dot_)org>
Sent: Sunday, January 04, 2004 11:53 AM
Subject: RE: [Asrg] 0. General - idea to reduce problems with message
content.
I was just on a weblog talking about HTML in email.
As I wrote a post I felt it should get read here also:
for the interested folks....
the real problems with HTML email are as follows:
1) scripts in the email (JavaScript and such)
2) image links in the email that may tell the server you have read the
email.
3) image links that look like
SRC="http://www.domain.com/CGI-BIN/image.pl=dgfd36546";
that windup logging your action and may also be a way for spyware and
such.
I'd like to see an open standard for a ML based on html but it would ban
the
above items, no external links to any image, program, style sheet, script
file etc...
no client side script tags.
no "Malformed" HTML tags as used in spam to hide the message from
filters!!
if we could have a standard like that, it could help make HTML format safe
for users and less of a problem for the folks who currently don't want it.
infact I bet 90% of the "No HTML email" policy's would go away given the
rules I just sugjested.
Basicaly a minimal-html subset that would allow css inline's and attached
in-the-email images but no outside links.
So the content would "stand alone" and would not have any script.
This could be a new mime-type standard that would allow current html
rendering logic to work.
A minimal set of software changes in email clients to verify the the
decalred mime-type was compling with the rules.
No breakage of SMTP,POP3 etc....
Just an idea.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg