On Mon, 03/02/2003 04:42 -0800, Alexander Hvostov wrote: > On Sun, 2003-02-02 at 17:06, Tim van Erven wrote: >> * Rendering delays. Waiting > 1s for each mail to render is >> unacceptable when you have to go through a lot of mail. > > Configure your MUA to ignore some of the more CPU-intensive markup (eg, > images).
Automated filters on message contents are a very bad idea. Stripping content can completely alter the message's content. Imagine for instance a message reading "I'm breaking up with you." with an image underneath that shows a sign saying "Just kidding, silly.". You definately wouldn't want to just ignore the image. Of course this is just one example. A similar scenario could be constructed for every kind of automated filter. >> * Raising the minimum system requirements. (Think: small gadgets.) > > See above. HTML is easy to parse, and it is therefore easy to strip out > unnecessary stuff. The hard part is rendering some kinds of markup (like > images). Time your browser rendering some websites you visit, multiply by the amount of mails some folks get, talk again. >> But keeping things simple is the first rule of writing secure code. > > Simplicity is not always the best way to do it. The Linux kernel is an > example. Simplicity is always the best way to do it. Additional complexity always needs a very good justification. -- Tim van Erven <[EMAIL PROTECTED]> Fingerprint: F6C9 61EE 242C C012 OpenPGP Key ID: 712CB811 36D5 BBF8 6310 D557 712C B811