Re: reportbug defaults [Re: Bug#367200: ITP: libemail-send-perl -- Simply Sending Email]

To: debian-devel@lists.debian.org
Subject: Re: reportbug defaults [Re: Bug#367200: ITP: libemail-send-perl -- Simply Sending Email]
From: Henning Makholm <henning@makholm.net>
Date: Mon, 22 May 2006 13:32:30 +0200
Message-id: <[🔎] 87u07i47n5.fsf@kreon.lan.henning.makholm.net>
References: <[🔎] 87ejywn5x8.fsf@kreon.lan.henning.makholm.net> <[🔎] 87slnce2u5.fsf@windlord.stanford.edu> <[🔎] 87u07r5vut.fsf@kreon.lan.henning.makholm.net> <[🔎] 20060516011632.GB7820@uio.no> <[🔎] 87psie1gu1.fsf@kreon.lan.henning.makholm.net> <[🔎] 1147785214.23950.12.camel@haggis.homelan> <[🔎] 20060516154411.GA20622@volo.donarmstrong.com> <[🔎] 446A09F8.8000102@familiasanchez.net> <[🔎] 20060516214152.GC20622@volo.donarmstrong.com> <[🔎] 8764k4h54t.fsf@kreon.lan.henning.makholm.net> <[🔎] 20060518031440.GL20622@volo.donarmstrong.com>

Scripsit Don Armstrong <don@debian.org>
> On Wed, 17 May 2006, Henning Makholm wrote:

>> How does sending directly to from reportbug to an ISP's smarthost
>> validate the user's email address better than sending directly from
>> reportbug to a HTTP POST somewhere?

> I'm talking about an HTTP access method in general; if it were to be
> done, I'd expect that it validate the users email address before
> actually forwarding bug reports from the user.

Why don't you have the same expectation about SMTP access methods?

>> It is not necessary that there is anywhere any HTML form that refers
>> to the posting URL; only reportbug would need to know it.

> Except for the fact that anyone can create a page which posts to that
> url.

... with a big large text box in which a user is supposed to manually
format some text that can be parsed properly by the unknown backend
script? If anybody _really_ wanted to fake a bug report with a wrong
user, it is much simpler to use an off-the-shelf MUA than to try to
reverse-engineer the data format used by a the private reportbug HTTP
application.

-- 
Henning Makholm                                   "Det er trolddom og terror
                                                         og jeg får en værre
                                               ballade når jeg kommer hjem!"

Reply to:

References:
- Re: Bug#367200: ITP: libemail-send-perl -- Simply Sending Email
  - From: Henning Makholm <henning@makholm.net>
- Re: Bug#367200: ITP: libemail-send-perl -- Simply Sending Email
  - From: Russ Allbery <rra@debian.org>
- Re: Bug#367200: ITP: libemail-send-perl -- Simply Sending Email
  - From: Henning Makholm <henning@makholm.net>
- Re: Bug#367200: ITP: libemail-send-perl -- Simply Sending Email
  - From: "Steinar H. Gunderson" <sgunderson@bigfoot.com>
- Re: Bug#367200: ITP: libemail-send-perl -- Simply Sending Email
  - From: Henning Makholm <henning@makholm.net>
- Re: Bug#367200: ITP: libemail-send-perl -- Simply Sending Email
  - From: Ron Johnson <ron.l.johnson@cox.net>
- reportbug defaults [Re: Bug#367200: ITP: libemail-send-perl -- Simply Sending Email]
  - From: Don Armstrong <don@debian.org>
- Re: reportbug defaults [Re: Bug#367200: ITP: libemail-send-perl -- Simply Sending Email]
  - From: "Roberto C. Sanchez" <roberto@familiasanchez.net>
- Re: reportbug defaults [Re: Bug#367200: ITP: libemail-send-perl -- Simply Sending Email]
  - From: Don Armstrong <don@debian.org>
- Re: reportbug defaults [Re: Bug#367200: ITP: libemail-send-perl -- Simply Sending Email]
  - From: Henning Makholm <henning@makholm.net>
- Re: reportbug defaults [Re: Bug#367200: ITP: libemail-send-perl -- Simply Sending Email]
  - From: Don Armstrong <don@debian.org>

Prev by Date: Re: Sun Java available from non-free
Next by Date: Re: Sun Java available from non-free
Previous by thread: Re: reportbug defaults [Re: Bug#367200: ITP: libemail-send-perl -- Simply Sending Email]
Next by thread: Re: reportbug defaults [Re: Bug#367200: ITP: libemail-send-perl -- Simply Sending Email]
Index(es):
- Date
- Thread