http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=3280
Ian Walls <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |ian.walls@bywatersolutions. | |com --- Comment #1 from Ian Walls <[email protected]> 2011-12-04 18:01:52 UTC --- Confirmed this is still an issue. Not sure there is any good way around this. To truly solve the issue, we'd need to be able to separate the spam from the ham (as it were), which is too subjective to handle systematically. Perhaps instead of allowing arbitrary email addresses, we only allow either other borrowernumbers (so you can send to your friends) or a selection of one of the patron's own email addresses. The latter would be much easier than the former. This would reduce the flexibility of opac-sendbasket, but I think that flexibility is the fundamental security issue here. -- Configure bugmail: http://bugs.koha-community.org/bugzilla3/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the QA Contact for the bug. You are watching all bug changes. _______________________________________________ Koha-bugs mailing list [email protected] http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
