[ Date Index ][
Thread Index ]
[ <= Previous by date / thread ] [ Next by date / thread => ]
Hi Simon, You mentioned "white listing" in your comments below. Is this a method of only allowing mail through from people on an approved list? The reason I ask is that a friend and I are recent(ish) converts to Linux from Billzebub Gates' nasty little love-child ;) Is there a program for Linux that rather than filtering out unwanted mail, only looks for mail that is *wanted*? I know another friend using Winblows uses one but I believe that is a subscription service. As a relative newbie I'm currently using Evolution as my mail client (on which I have a couple of questions for another post). Kind regards, Julian On Mon, 2003-09-29 at 02:12, Simon Waters wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Neil Williams wrote: > > > > 1. Bloat. HTML is necessarily at least twice the size of the same > plain text > > email. > > Especially if it inserts a plain text version for people without HTML > capable clients! This is a particularly daft behaviour, either the HTML > version adds something, in which case don't lose that by automatically > converting to text, or it doesn't so why send it in HTML in the first place? > > > 2. Most people delete HTML email - it's commonly spam > > 3. Because of 2, a lot of people thoroughly distrust HTML email and > nothing > > anyone can say will change that > > 4. Most people here are not Windows users so it isn't a direct threat to > > security but HTML email still has that reputation (and rightly so). > > I disagree, I would suggest that HTML mail exercises sufficiently extra > ways through the code that it presents a significantly increased threat > to security on all major platforms. > > Linux mail clients aren't magically exempt from security problems. They > may be better engineered, and better supported <sic>, and the OS may > provide some extra protection, than the most exploited mail client and > OS(es), but all it takes is one buffer overflow (at least on most > platforms). > > Why do you think Kmail does that text only view of HTML? Call it > defensive coding. > > > 5. This is a forum for discussion not presentation. > > 6. KISS - HTML emails break horribly when someone replies in plain text. > > 7. It's established policy from a series of threads over the years. > > 8. Problems with quoting (many common mailers can't correctly handle > quoting HTML mail - mentioning no vendors - so it tend to head towards > "top posting" - yuk). > > 9. Problems with digest formats - most mailing lists offer digest > format, some offer digest and allow HTML - argh (You'd think NANOG would > know better). > > 10. Allows cross site scripting attack against mailing list archives... > that security thing again... although hopefully Neil is on top of this one. > > 11. Many mail clients produce lousy mark-up so it may not look like you > expect. I routinely get an email from a web design company, whose > marketing newsletter uses a 'Windows only' font in the HTML(? M$ML?), so > the apostrophes are toast, they won't ever be designing my website, this > somewhat defeats their marketing goal. > > > email clients usually do the colour thing for replies and quote > levels. If you > > want to emphasise something, use smilies or underline it like this. > > **************** > > Yuk, it'll never line up, stop assuming things about the readers system. > If you must assume something, assume it has been Babelfished into German > and then converted into braille on a braille display that shows one line > at a time, or sent to a mobile phone, or both. > > Smilies? Well I like smilies, but probably the exclamation mark is > better style! > > ¡Ola! The Spanish win here, marking the emphasis at the correct place in > the sentence (especially when reading to other people), and marking > where it ends. ¿ Perhaps we should copy their punctuation, at least in > this respect? > > I'm *sure* between *us* we can find other ways of *emphasising* stuff ;) > > >>Sorry if that was a problem but I thought everyone would be using > >>software that would cope with that. > > > > The software can handle it, the users prefer not to have it rammed > down their > > inbox. > > > > :-) > > Since I switched to whitelisting (challenge/response) I stopped > filtering unexpected HTML mail straight to the probably spam bucket > (Rick has the dubious honour of being the only false positive), but I > reserve the right to change my mind. > > All the mail clients I use regularly support HTML, excepting mailx but > I'd be damn annoyed if you managed to send mail to those systems, given > the firewalling, and the lack of an SMTP daemon ;) > > Simon > -----BEGIN PGP SIGNATURE----- > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org > > iD8DBQE/d4cWGFXfHI9FVgYRApB4AJwOGgIBEaPXmxlaiuRDoe/re4X4oACbBy5+ > QA5GLhSZiShQpKiVFOf00DQ= > =GlZ/ > -----END PGP SIGNATURE----- > > -- > The Mailing List for the Devon & Cornwall LUG > Mail majordomo@xxxxxxxxxxxx with "unsubscribe list" in the > message body to unsubscribe. -- The Mailing List for the Devon & Cornwall LUG Mail majordomo@xxxxxxxxxxxx with "unsubscribe list" in the message body to unsubscribe.