- From: Dirk Herr-Hoyman <hoymand@gate.net>
- Date: Wed, 4 Jan 1995 15:56:43 -0500
- To: uri@bunyip.com
At 6:41 PM 1/4/95, Larry Masinter wrote: >While there are lots of ways for malicious individuals to spoof email, >this opens up a new threat, which is a way that a malicious individual >could cause someone ELSE to spoof email through their system. > >This is a *new* security consideration; it's been noted for the >'gopher:' URL and needs to be noted for the mailto/mailmsg one. At the risk of beating this horse to death, let me say one more time that I very much agree that there is a security threat and it should be documented. However, I would hope that even though there is such a hole, that it not preclude a possible mailserver URL that I proposed some months ago or even the less general mailmsg proposal. The lack of a URL to perform e-mail retrieval does seem to me more problematic than this security hole. -- Dirk Herr-Hoyman <hoymand@gate.net> | I tried to contain myself CyberBeach Publishing | but * Internet publishing services | I got out Lake Worth, Florida, USA | Web: http://www.gate.net/cyberbeach.html Phone: +1.407.540.8309
Received on Wednesday, 4 January 1995 15:55:53 UTC