On Sun, 7 Jul 2002 13:02:18 -0400
Bernie Cosell <bernie@fantasyfarm.com> wrote:
> On 7 Jul 2002, at 9:39, J C Lawrence wrote:
>> ... Properly tagging and stripping references to non-message hosted
>> content in HTML email without also crippling/stripping the actually
>> useful aspects of HTML email however is a bitch. Perhaps I've been
>> overlooking the obvious but I've yet to come up with a scheme for
>> that I can't also trivially poke holes in.
> What about reading your HTML-email using a rendering client that
> cannot access the Internet [and, while you're at it, doesn't include a
> JavaScript engine and can't do plugins]? The problem, to my mind,
> with HTML email is that folks read it/render it with a *browser*,
> which is WAY too powerful and does too many *other* things, and so if
> you're trying to 'fool' the browser [by filtering the HTML on its way
> TO the browser], you're in for a herculean task [if it is possible at
> all].
Quite. This works quite well if you do that. The problem, yet again,
is that individual members are frequently not in a position to do this.
They are constrained by expertise, level of system access, corporate
policy requirements etc to using a constrained set of tools.
> I'm thinking here of the sort of thing you can do if you get a lot of
> Word docs or Excel sheets via email: instead of reading them with the
> full-blown apps, which can be dangerous, you can instead read them
> with the "Viewers" you can get from MS that are pretty safe 'read
> only' engines. Couldn't someone cobble up an "HTML viewer" and if you
> used that for your HTML email wouldn't that solve most/all of the
> problems?
<nod>
I do this by using a fake and non-existent web proxy. The same problems
as above apply however.
In the end this devolves to another geek vs grandma question. Yes, as
geeks we can and do build our own mail systems that we use to do this
sort of thing, and that's great. I wouldn't have it any other way.
Problem is that we then want our list populations to enclude people who
are not quite so geeky, or who are unable to fully express their true
geeky nature for whatever reason...and then we're in trouble. This is
why we end up with things like mime filters, and virus scanners and so
forth prefacing out lists, attempting to act as a sanitising layer
between, err, those risk-laden systems.
Problem is that disinfectants are never quite as good or quite as
innocuous as just not having the (possible) infection in the first
place.
Side effects...
--
J C Lawrence
---------(*) Satan, oscillate my metallic sonatas.
claw@kanga.nu He lived as a devil, eh?
http://www.kanga.nu/~claw/ Evil is a name of a foeman, as I live.
References:
|
|
