On 10 Oct 2004, at 21:02, Kurt Jansson wrote:
Evan Prodromou schrieb:
On Sun, 2004-10-10 at 19:10 +0200, Jens Ropers wrote:
Regarding the "E-mail this user" feature: Currently it says:
"If this user has entered a valid e-mail address in his or her user preferences, the form below will send a single message. (...)"
Is there any way for the sender to see if his email will actually be delivered? Would it make sense to log this as a feature request/bug?
That's a documentation problem. If the user hasn't entered a valid e-mail address, the form won't come up.
But the address isn't really checked for validity, maybe in a technical way, but I fear many people are entering an address like spam123@spam.com.
Kurt
IMHO the concern about individual users possibly having entered a nonworking email address is mostly a separate issue to what I asked about. I'm concerned about the fact that users (including me prior to this email conversation) will think that their email might not be ''sent'' because the other user might not have provided an email address (when in reality it ''will'' be ''sent'' because as per the above info that page only comes up if the other user did in fact provide an email address).
Now as regards the separate email-related issue:
I. It is true that an email which was ''sent'' may not get ''delivered'', for various reasons (account maxed out, prolonged server outage, etc.). As regards that possibility: Do the emails that get sent currently have a ''both'' the '''Return-Path''' and '''Reply-To''' headers set to the user/sender's address? If not, can this be changed?
II. Finally, yes, it's true, our system of accepting email addresses is not fully opt-in. In theory, someone could create and account giving another person's email address, then do a lot of trolling and have any angry email messages delivered to the (probably very surprised) other person's mailbox. That's a bit of a roundabout way of spamming people, though. If a spammer already has another person's email address, then it would be so much easier to spam them directly. Granted, we may still want to consider changing our signup process so that any email addresses submitted will be verified in a way similar to Mailman's opt-in process. That might make sense. It's only a minor inconvenience to users signing up and it's probably best practice to do it. Any motivation to code this, anybody (because I sadly can't)?
-- ropers [[en:User:Ropers]] www.ropersonline.com