Skip site navigation (1) Skip section navigation (2)

Re: Message-ID should surely not be shown as a mailto:URL

From: Andrew Sullivan <ajs(at)commandprompt(dot)com>
To: pgsql-www(at)postgresql(dot)org
Subject: Re: Message-ID should surely not be shown as a mailto:URL
Date: 2008-06-09 13:55:04
Message-ID: 20080609135503.GB83012@commandprompt.com (view raw or flat)
Thread:
Lists: pgsql-hackerspgsql-www
On Mon, Jun 09, 2008 at 02:30:55AM -0400, Tom Lane wrote:
> 
> Hm, I wonder if sloppiness of this sort accounts for the remarkable
> prevalence in my mail logs of spam-sign like this:
> 
> Jun  9 00:44:06 sss2 sm-mta[4062]: m594i5Ns004062: <19570(dot)1142971720(at)sss(dot)pgh(dot)pa(dot)us>... User unknown

Good bet.

> I don't pretend to know what is the approved way to deal with these
> issues, but *this* can't be best practice.

Obviously, someone is looking for something that _looks_ like a mail
address, attempting to munge it, and on the way through, changing it
to a mailto: link.  I think some parsing of the RFC2821/2822 headers
is needed first, so that one doesn't do this for things like the
message id.   

A

-- 
Andrew Sullivan
ajs(at)commandprompt(dot)com
+1 503 667 4564 x104
http://www.commandprompt.com/

In response to

Responses

pgsql-www by date

Next:From: Alvaro HerreraDate: 2008-06-09 14:34:17
Subject: Re: Message-ID should surely not be shown as a mailto:URL
Previous:From: David FetterDate: 2008-06-09 13:34:55
Subject: Re: [ANNOUNCE] == PostgreSQL Weekly News - June 08 2008 ==

pgsql-hackers by date

Next:From: Andrew DunstanDate: 2008-06-09 14:00:29
Subject: Re: pg_dump restore time and Foreign Keys
Previous:From: Mark Cave-AylandDate: 2008-06-09 13:18:50
Subject: Strange issue with GiST index scan taking far too long

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group