Gentoo Archives: gentoo-amd64

From: Duncan <1i5t5.duncan@×××.net>
To: gentoo-amd64@l.g.o
Subject: [gentoo-amd64] RE: Re: gcc compile failed after 2005.1-r1 instalation [OT- html posts]
Date: Fri, 09 Dec 2005 19:35:30
Message-Id: pan.2005.12.09.19.25.51.665219@cox.net
In Reply to: RE: [gentoo-amd64] Re: gcc compile failed after 2005.1-r1 instalation [OT- html posts] by Bob Young
1 Bob Young posted <FAEEIJPAOFEMBBLKPMJEAEPIDNAA.BYoung@××××××××××.com>,
2 excerpted below, on Thu, 08 Dec 2005 12:25:21 -0800:
3
4 > Even the two reasons listed in the above reply don't stand up very well to
5 > logical reasoning, it's obvious the OP was neither a spammer nor a malware
6 > author, filtering all html email on the basis of those two reasons alone is
7 > akin to throwing out the baby with the bath water.
8
9 Not necessarily. Many of us believe two things about HTML mail that color
10 our attitude toward it.
11
12 1) Of all the mail born malware attacks to date, ask yourself how many of
13 them would have been possible if email hadn't tried to go HTML. Zero, or
14 very close to it. For those of us seriously concerned about security,
15 that's a huge reason right there, altho admittedly, alone, the benefits
16 might outweigh it, if a suitably secure parsing method can be found (and
17 there is such a method, don't fetch any content not in the mail, don't
18 render any active content, only text, formatting, and images, being a very
19 good start).
20
21 2) For those with content worth reading, the content is /just/ as worth
22 reading in plain text. It doesn't need HTML to fancy it up or obscure it.
23 In fact, those who DO seem to /need/ HTML, don't often seem to have much
24 worth reading -- the spammers, the crackers, and the AOLer types
25 that don't even WANT to know how their computer operates, thus being the
26 ones most likely to be spreading the malware in the /first/ place,
27 therefore the ones anyone who cares about their security is /least/
28 likely to want to have sending them HTML.
29
30 The two factors coupled together, the security issue and the lack of
31 content that really /needs/ html to be valuable (if it /needs/ it, send a
32 link, parsing HTML is what BROWSERS are for!), are persuasive enough for
33 many of us. Others are free to continue their in our opinion misguided
34 use, as long as they don't involve us, either in their mail, or in the
35 DoSs that result when one of their HTML mail spread malware things gets
36 going! Unfortunately, we're ALL subject to the abuses that malware
37 causes, with the DoSs on our connections and the restrictions then placed
38 on them to try to stem the problem. (My ISP doesn't allow port-25 SMTP
39 connections to anyone but it's own servers, due to the malware, and the
40 spammers now using it to get more mailbots to spam with. Had plain text
41 remained the rule, all those infections wouldn't have happened, and I'd
42 likely still be able to run my own mail server and connect to others
43 directly, so YES, it has affected me!)
44
45 --
46 Duncan - List replies preferred. No HTML msgs.
47 "Every nonfree program has a lord, a master --
48 and if you use the program, he is your master." Richard Stallman in
49 http://www.linuxdevcenter.com/pub/a/linux/2004/12/22/rms_interview.html
50
51
52 --
53 gentoo-amd64@g.o mailing list

Replies