[Zope-CMF] MailIn product
seb bacon
seb@jamkit.com
Fri, 15 Jun 2001 17:13:53 +0100
* seb bacon <seb@jamkit.com> [010615 12:42]:
<snip>
> - Creates rfc822 messages as MailMessage CMF Types
> - renders plain text as STX, html messages as html
> - You can change the metadata by specifying headers at the top of the
> mail, thus:
> Description: Ladadee
> Subject: Foo
> - attachments are generated too
> - content gets created in the home folder of the user whose email
> address matches the 'from' address of the message
> - works over webdav
forgot to add..
- completely bypasses security arrangements
Since new content is private by default, it's not really a content
issue, but it could be exploited in a DoS attack.
How can one verify the sender of the mail? By sending the password as
a header? Yuk, The only thing I can come up with is PGP sigs, but
that's pretty hasslesome for most people. Maybe it's not such an
issue? Mailing lists only check the 'From' header, if anything.
It'd be nice to sort it out, because this is potentially a very cool
feature. IMHO.
cheers
seb