Re: Accidental spoofing -> Re: [gentoo-dev] We Are All wltjr On This Blessed Day
On 2017-12-05 10:51, Georg Rudoy wrote: > From and Reply-To are two separate fields. Yes, but that wasn’t what was being discussed. I was giving an example as to why the From field should be editable in an email client. I’ll set the Reply-To for emails to be directed to the proper contact point, but it’s nonsensical to say it’s coming from a human point of contact when it’s an “automated” message. The Reply-To still wouldn’t be m...@example.com either. Rather, it’d be set to customer-serv...@example.com, or whatever it needs to be. donotreply is a succinct way of communicating that the recipient doesn’t or shouldn’t have to reply to the email and that it’s an automated email. signature.asc Description: Digital signature
Re: Accidental spoofing -> Re: [gentoo-dev] We Are All wltjr On This Blessed Day
On 05.12.17 at 15:14 user Aaron W. Swensonwrote: > One reason is to send from a nonexistent account to avoid getting > replies in the first place. >From and Reply-To are two separate fields. But that, of course, depends on the way bans are implemented in the maillist management software. -- Georg Rudoy
Re: Accidental spoofing -> Re: [gentoo-dev] We Are All wltjr On This Blessed Day
On 2017-12-04 18:08, William L. Thomson Jr. wrote: > On Mon, 4 Dec 2017 18:01:39 -0500 > "William L. Thomson Jr."wrote: > > > On Mon, 4 Dec 2017 14:43:15 -0800 > > Matt Turner wrote: > > > > > > Sorry. I think I was confusing a number of irritating things you've > > > done: email spoofing, > > > > That was a complete accident due to a new version of Kmail that had > > the from field editable by default. It was NOT intentional. Not the > > 1st time. The 2nd time was for confirmation. I was in disbelieve such > > abuse was even possible with @gentoo.org addresses. That was a > > shocking discovery given I have administrated mail severs for quite > > some time. In part why I use ASSP. > > I filed a bug with KDE on that but of course went WONTFIX. I think its > horrible as it allows people to spoof, spam and do bad things... > > Make From field in the composer read only > https://bugs.kde.org/show_bug.cgi?id=373313 > > Me personally I would never make software or change it to allow people > to make such a mistake. Others felt differently. I stopped using > Kmail2. I use Claws-mail now, but it also has editable from field :( > > Email clients should only allow email address that are in configured > accounts. But that is my opinion. Others seem to feel differently. I > cannot see any good reasons for such really. One reason is to send from a nonexistent account to avoid getting replies in the first place. Like donotre...@example.com for order updates, confirmation emails, and so on. A person doesn’t actually exist behind the email, but emails have to say they’re coming from somewhere. And, a properly setup SMTP server will need an credentials to send those email. If donotreply doesn’t exist, then the account setup will (probably) have an email address that differs from the one that’s used to compose the email. I use it myself when I need to inform our customers about a change. I don’t want to field hundreds of email personally, so I change the from address. So, email clients most definitely should allow an individual to change the from field. It’s a good thing. But, like any other tool, it can be used improperly. signature.asc Description: Digital signature
Accidental spoofing -> Re: [gentoo-dev] We Are All wltjr On This Blessed Day
On Mon, 4 Dec 2017 18:01:39 -0500 "William L. Thomson Jr."wrote: > On Mon, 4 Dec 2017 14:43:15 -0800 > Matt Turner wrote: > > > > Sorry. I think I was confusing a number of irritating things you've > > done: email spoofing, > > That was a complete accident due to a new version of Kmail that had > the from field editable by default. It was NOT intentional. Not the > 1st time. The 2nd time was for confirmation. I was in disbelieve such > abuse was even possible with @gentoo.org addresses. That was a > shocking discovery given I have administrated mail severs for quite > some time. In part why I use ASSP. I filed a bug with KDE on that but of course went WONTFIX. I think its horrible as it allows people to spoof, spam and do bad things... Make From field in the composer read only https://bugs.kde.org/show_bug.cgi?id=373313 Me personally I would never make software or change it to allow people to make such a mistake. Others felt differently. I stopped using Kmail2. I use Claws-mail now, but it also has editable from field :( Email clients should only allow email address that are in configured accounts. But that is my opinion. Others seem to feel differently. I cannot see any good reasons for such really. -- William L. Thomson Jr. pgpUDnCxn4EyP.pgp Description: OpenPGP digital signature