I think that setting up a system that accepts input which can be forged/fabricated at will in any desired quantity by nearly any attacker and then generates email output to arbitrary destinations of that attacker's choosing is a seriously bad idea. This is an abuse magnet -- perhaps one that's well-intended, but it will be repurposed as soon as it's worth someone's time/effort.
---rsk p.s. Here's an interesting thought experiment for you. Suppose S is a scammer and V is the intended victim. S writes a scam message, plugs V's address into it, and reports this fake to rescam.org. Then S actually sends the scam to V, with S's address in it. V reports this to rescam.org. What does rescam.org do? If it responds to neither, then V now has a technique for rendering it useless. If it responds to both, then V has been victimized twice. If it responds only to one, which one? The one that arrived first? Well, that's wrong. The one that arrived second? But why? Now make it a thousand V's and one S, or vice versa. _______________________________________________ mailop mailing list [email protected] https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
