9 Mar
2015
9 Mar
'15
10:03 p.m.
Pavan Koli writes:
I have a doubt, while implementing anonymous lists do we have to store the email ids in encrypted form in the database.
I have the same doubt. You need to define "anonymous list". In particular, specify who is, and who is not, supposed to be able to
- See email addresses of subscribers.
- Figure out whether two posts are from the same person.
as well whether you need to
- Ensure that subscribers' posts can't be spoofed.
As people having access to database can view the original email ids.
It's worse than that. People who have access to the MTA's mail queue or can change its configuration files can see them too, as well as those who have access to MTAs on relay MX hosts and the posters' MX.
3527
Age (days ago)
3527
Last active (days ago)
0 comments
1 participants
participants (1)
-
Stephen J. Turnbull