Re: mailing a copy of a message from an archive

2002-09-30 22:00:07
To answer the couple of messages that echoed the same sentiment...

On Mon, Sep 30, 2002 at 11:50:14AM -0500, Earl Hood wrote:

This kind of feature could be abused since it would require that
you specify which email address to send a copy of the message to,

Right.  I should have mentioned that I did realize this.  There are a
couple of ways to prevent abuse...

and a malicious user could choose arbitrary addresses to submit.

This could happen, yes, without mechanisms to prevent it.

The <> archives (and any that
use mharc) have an Original link that downloads the original raw message.

Hmmmm.  An interesting approach could be to configure one's browser to
fire up the MUA (or open a window on an already running MUA) and open
the downloaded content when downloading something of content type
"message/rfc822".  Of course, the webserver sending the message would
have to send it with the appropriate mime-type.

For the MUA I use, nmh, it is trivial to import the data into my inbox
so I can manipulate it like any other message.  However, for other MUAs,
importing the dowloaded raw message may be more difficult.

Shouldn't be too difficult with mutt or even perhaps Evolution.  I do
like this idea a bit more than "bounce the message to: ".  But to
finish my thought on my original idea...

I like your idea, but unfortunately, I do not see a way to prevent
if from being abused.

Two different ways, or a combination of them if one wished.  One would
be to rate limit the number of messages a given IP in a given time
window can have bounced.  Not fool-proof by any means.

The second is to limit bouncing messages to list-subscribed addresses
only.  This one is fool-proof (well as fool-proof as DoS-preventing
any mailing list in the first place) but requires more hoops to simply
get a message to respond to.

Note, some do use mailto: links, but it is limited if you desire
to have access to the entire message body.



Brian J. Murrell

Attachment: pgpPo6ZoO3beN.pgp
Description: PGP signature

<Prev in Thread] Current Thread [Next in Thread>