Password, trust and user notification

Aidan Steele aidan at aidans.org
Wed Dec 13 20:17:21 EST 2006


On 12/14/06, Gabriel Genellina <gagsl-py at yahoo.com.ar> wrote:
>
> At Wednesday 13/12/2006 21:44, Aidan Steele wrote:
>
> >While what you said is technically correct, I think you misread
> >their original question. They want to send email *from* the Gmail
> >account *to* the work account. I suggested that he use Gmail's SMTP
> >server to send the email.
>
> They were concerned about putting sensitive information (password)
> inside the script, in order to connect to Gmail to send the mail
> notifications.
> I say that there is no need to use Gmail smtp services: to send mail
> *to* anyone at anywhere.com, you only have to connect to the right SMTP
> server for anywhere.com. The *from* email address is irrelevant and
> can even be faked.
> Of course a spam filter could block such mails, but you have to test it.
>
>
> --
> Gabriel Genellina
> Softlab SRL
>
> __________________________________________________
> Correo Yahoo!
> Espacio para todos tus mensajes, antivirus y antispam ¡gratis!
> ¡Abrí tu cuenta ya! - http://correo.yahoo.com.ar


Rather than "could block such mails" [sic], I'm fairly certain any
respectable server would drop the mail. The prevalence of SPF and other
assorted tools combat this, when used for malicious purposes. Sure, it's
worth trying, but I doubt it will work. Good luck to them. ;-)

Aidan Steele.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-list/attachments/20061214/ab2ff4ce/attachment.html>


More information about the Python-list mailing list