mhonarc-users

Re: Contact form linking from "From:" header

2004-01-10 05:22:52
Earl Hood wrote:
On January 9, 2004 at 21:21, Gunnar Hjalmarsson wrote:
What bothers me about it is that since I can easily parse - and deobfuscate - the from addresses, so can the spammers... So I
can't help wondering what the "X-From-R13:" header is normally
used for, and if it's really needed. ;-)

Yep.  It is there for mha-dbrecover.

I'm seriously considering adding a resource that disables the
<!--X- ... --> header comments.

Needless to say, I would support such a resource.

It means that CGI::ContactForm::MHonArc should better keep grabbing
the addresses etc. from .mhonarc.db, right?

Doing so will prevent the use of mha-dbrecover on archives, but for
those that keep the original raw mail data, it should not be a
problem.

True. And keeping the raw data is reasonably advisable anyway.

Another concern is can impact the ability of namazu to index message fields. Therefore, it may just be enough to mask out
X-From-R13.  I'm not sure what to call the resource that just does
that.

Neither am I. But whatever name you give it, it should better be
enabled by default via the SPAMMODE resource.

--
Gunnar Hjalmarsson
Email: http://www.gunnar.cc/cgi-bin/contact.pl


<Prev in Thread] Current Thread [Next in Thread>