Author: Marc Perkel Date: To: Kelley Reynolds CC: Exim Mailing List Subject: Re: [exim] User Control of Blacklists, Whitelists, Blocklists,
features, etc.
Good point - in my case I do front nd spam filtering for other domains
and I can't think of any way to authenticate them other than sending
them an email. But I suppose it could contain a link to a form.
Kelley Reynolds wrote:
>
> It might be a simpler matter to code up a web interface for users to
> change their own settings. We have a system much like you propose,
> but with a web interface for changing settings instead of having to
> go through exim and mucking about with parsing e-mail text.
>
> One reason I would advise against this particular method is that the
> number of different ways that response can come back to you make it a
> somewhat error-prone process. Encoded messages, html (valid or not),
> tnef/rtf, quoted, all sorts of craziness to deal with.
>
> Ruby on Rails would make it trivial to code up an interface like you
> propose, as well as many other PHP/Perl/whatever frameworks. If you
> absolutely *have* to have their settings sent to them in an e-mail
> and you don't want to make them login, then I suggest generating ah
> HTML form and sending it to them, then letting that form submit to a
> page that would then muck about with the settings as you suggest.
> Easier to control, validate, secure (thtough only halfway/marginally
> through https)
>
> Kelley Reynolds
> President
> Inside Systems, Inc.
>