You are viewing a plain text version of this content. The canonical link for it is here.
Posted to bugs@httpd.apache.org by bu...@apache.org on 2010/12/30 11:26:08 UTC
DO NOT REPLY [Bug 50532] New: Mail protection
https://issues.apache.org/bugzilla/show_bug.cgi?id=50532
Summary: Mail protection
Product: Apache httpd-2
Version: 2.3-HEAD
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: mod_mbox
AssignedTo: bugs@httpd.apache.org
ReportedBy: brad.revolver@gmail.com
Mail archive HTML page is generated by mod_mbox. This module must try hide the
full email address of people in messages. But as you can see below links, it
doesn't always work.
http://mail-archives.apache.org/mod_mbox/httpd-users/200608.mbox/%3C8d423b320608160950l4ab345b1p74d76c62fe4aa42f@mail.gmail.com%3E
http://mail-archives.apache.org/mod_mbox/tomcat-users/201012.mbox/%3CAANLkTikxhDGOQZv+CDQ2hsMwQKzBAyD4wFoyv=jGJ5T4@mail.gmail.com%3E
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
DO NOT REPLY [Bug 50532] Mail protection
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=50532
Brad Revolver <br...@gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |brad.revolver@gmail.com
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
DO NOT REPLY [Bug 50532] Mail protection
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=50532
William A. Rowe Jr. <wr...@apache.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Severity|normal |enhancement
--- Comment #1 from William A. Rowe Jr. <wr...@apache.org> 2010-12-30 12:37:12 EST ---
This is because of two entirely different concepts you would benefit from
understanding. Mail headers are well understood and easily modified without
damage to the content of the message, and mod_mbox modifies these values.
Mail body content is not defined, and may contain semantic information relevant
to understanding the message. E.g. if you had java source with annotations,
or character or line number offsets of a file, or other non-email information,
would you prefer that the semantic value of these messages were obliterated?
What about in attachments?
My inclination is to close this as being unrealistic, but if a more serious
proposal with specific definitions were offered, they could be discussed.
Note that this will not conceal email addresses, however, since unfiltered
mail archives are available.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
DO NOT REPLY [Bug 50532] Mail protection
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=50532
--- Comment #2 from Nick Kew <ni...@webthing.com> 2010-12-30 14:07:25 EST ---
It's actually a good suggestion. Sure, we can't reliably parse addresses in
free text, any more than other agents from desktop tools to spambots. But we
can point a regexp at low-hanging fruit.
I'll have a think about how greedy a regexp to throw at it.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
DO NOT REPLY [Bug 50532] Mail protection
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=50532
--- Comment #3 from James Kaan Atabey <ka...@yahoo.com.tr> 2010-12-31 08:05:00 EST ---
I agree with Nick that it is the point.
That Apache Mail Archive can at least put under protection these names as
abcxxxxxxx@noway.com.
Besides preventing so much problems (such as security, spam) from occurring, I
also think that it is important for the Apache's own reputation. Because those
messages are taken and parsed right away by so many 3rd. parties. Even some of
those 3rd parties are reliable, we are not sure about all of them.
I am pretty sure that there are so many spam/security victims which are waiting
to hear that this problem has been fixed.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org