On 10 Oct 2004, at 21:02, Kurt Jansson wrote:
Evan Prodromou schrieb:
On Sun, 2004-10-10 at 19:10 +0200, Jens Ropers
wrote:
Regarding the "E-mail this user"
feature: Currently it says:
"If this user has entered a valid e-mail address in his or her user
preferences, the form below will send a single message. (...)"
Is there any way for the sender to see if his email will actually be
delivered?
Would it make sense to log this as a feature request/bug?
That's a
documentation problem. If the user hasn't entered a valid
e-mail address, the form won't come up.
But the address isn't really checked for validity, maybe in a
technical way, but I fear many people are entering an address like
spam123(a)spam.com.
Kurt
IMHO the concern about individual users possibly having entered a
nonworking email address is mostly a separate issue to what I asked
about. I'm concerned about the fact that users (including me prior to
this email conversation) will think that their email might not be
''sent'' because the other user might not have provided an email
address (when in reality it ''will'' be ''sent'' because
as per the
above info that page only comes up if the other user did in fact
provide an email address).
Now as regards the separate email-related issue:
I.
It is true that an email which was ''sent'' may not get
''delivered'',
for various reasons (account maxed out, prolonged server outage, etc.).
As regards that possibility: Do the emails that get sent currently have
a ''both'' the '''Return-Path''' and
'''Reply-To''' headers set to the
user/sender's address? If not, can this be changed?
II.
Finally, yes, it's true, our system of accepting email addresses is not
fully opt-in. In theory, someone could create and account giving
another person's email address, then do a lot of trolling and have any
angry email messages delivered to the (probably very surprised) other
person's mailbox. That's a bit of a roundabout way of spamming people,
though. If a spammer already has another person's email address, then
it would be so much easier to spam them directly. Granted, we may still
want to consider changing our signup process so that any email
addresses submitted will be verified in a way similar to Mailman's
opt-in process. That might make sense. It's only a minor inconvenience
to users signing up and it's probably best practice to do it. Any
motivation to code this, anybody (because I sadly can't)?
-- ropers [[en:User:Ropers]]
www.ropersonline.com