> I don't understand, is your entire addressbook "exposed", or just the
> user's contacts?

The common LDAP addressbook is "exposed" in the compose page code. There's no 
problem of one user reading the contacts of someone else.

> Also, if a user has access to your addressbook, isn't there a certain
> level of trust already?

Yes, there's some level of trust. All my users can send emails to each other, 
placing the desired contacts in the "to:", "bcc:" or "cc:" fields.

What I want to avoid is that someone just does a "right click" on the compose 
page and "show source code", then copies all the contacts and pastes them into 
"bcc:" to send spam to all other users.

He would have to hack the HTML page and open another .js file or create a 
script for getting it with an ajax page. That is, I want to make things harder 
for dummy users wishing to send spam mail.

Thanks a lot for your help


Jonathan Araújo
IT Infrastructure Administrator
IT Management - INDG S.A.








_______________________________________________
List info: http://lists.roundcube.net/dev/
