[Mailman-Developers] Confirmation Messages and Modified Subject Lines
Mark Sapiro
msapiro at value.net
Wed Dec 7 06:12:52 CET 2005
Brad Knowles wrote:
>
> This should be taken to the logical conclusion. Keep popping off
>prefixes until something useful can be found, or you run out of data.
>You should probably also strip out all punctuation, too. Heck, strip
>out all non-alphanumeric data.
I think Brad is on the right track here, but we can't strip out all non
alphanumeric characters because this is common code for all commands
sent to the list-request address and valid commands can contain '=',
passwords and email addresses.
I think the correct approach is to keep popping arguments until you hit
a valid command or run out of arguments, but there is an issue here as
well, although I think it is already an issue anyway. Here it is.
Suppose I send an email to list-request at example.com that has
Subject: I want to subscribe to the list
and body line
subscribe a_paswd nodigest
This is a valid subscription email, but if we strip arguments off the
subject until we hit a valid command word, we'll try to process the
command "subscribe to the list" which will fail and the failure will
cause the valid command in the body to be skipped. Of course, the same
issue currently exists if the valid command is sent in the body with
Subject: subscribe to the list
but at least here, it is the users 'fault'.
--
Mark Sapiro <msapiro at value.net> The highway is for gamblers,
San Francisco Bay Area, California better use your sense - B. Dylan
More information about the Mailman-Developers
mailing list