> kevin lyda <[EMAIL PROTECTED]> writes: > > > social engineering. reword your confirm_request message. so far > > people have had no problems with my confirm_request message but then > > it's kind of obvious it was written by me and what the recipient > > should do. > > Right. But no matter how hard we try to make the confirmation request > perfectly clear, to some it will never be. No reward comes without > risk though, and this is the small price you have to pay for privacy. > > This is explained nicely in > http://mla.libertine.org/tmda-users/200208/msg00225.html I think.
For some of us (ok, for me) this is a larger problem. My clients are churches, ministries, etc. They don't want privacy, so much. They want complete strangers to be able to email them. Offensive strangers, included... so long as they're real people asking real questions. What they want, more than privacy, is to be free of the p_rn_graphy and C4$INO junk that comes their way... without putting undue delays on what is perhaps a slightly broader definition of "legitimate email." I'm trying to explain TMDA to Pastor Chris, because I see TMDA as the solution to his problem. I pulled his domain out of my incoming filter, and made sure his address wasn't on my whitelists. Then I instructed him to send me a message so he could see a demonstration of what strangers would see. Shortly thereafter, I found two messages in my tmda-pending. His first, then his reply, which was sent to MY ADDRESS, not the tagged address. What can I do about email clients (Outlook on MacOS, in this case) that use the sender's address instead of the reply-to? Another thing, closely related... I'd like to include a mailto: link in the Confirmation Request template that will be the correctly tagged address. Here's my problem: My address: [EMAIL PROTECTED] An example tagged confirm address: [EMAIL PROTECTED] ...which irritates me. I want that to be @kelvind.com! Not @box.somethingshiny.com! And when I was using the default confirm_request.txt template, the email address shown in the body of the message would be kelvind+confirm+1035313845.407.3a6706@box ...which doesn't quite work. I could append the rest of the domain name, but it's still the wrong one. Is there a way to tell the tmda configuration that the hostname is "whatever.I.choose" instead of what it thinks it is? I'm sure the only reason I'm having this domain-related difficulty is because we don't/won't run qmail. This is a sendmail/procmail environment. Sendmail v 8.12.2 Procmail v 3.21 Linux v 2.4.7-10 Oh, and when I used CONFIRM_ADDRESS = "[EMAIL PROTECTED]" this caused problems. I don't remember what the problems were. Dare I just try it again, now that everything works mostly OK? --KDO _____________________________________________ tmda-users mailing list ([EMAIL PROTECTED]) http://tmda.net/lists/listinfo/tmda-users
