Alex ([personal profile] alexbayleaf) wrote in [site community profile] dw_suggestions2012-12-16 11:03 am
  • Add Memory
  • Share This Entry
Entry tags:

Notifications to detect spoofing if posting by email

Title:
Notifications to detect spoofing if posting by email

Area:
email, posts

Summary:
It's possible, though unlikely, for someone to spoof posts from you by email. Notifications would help people recognise if/when this happens.

Description:
This one's a bit out there, but it came up in discussion about replying to comments by email, so I'm posting it as a suggestion.

Currently you can post by email from any of a list of registered email addresses. You also need to use a PIN to post. However, if someone knew your email address and could guess your PIN, it would be possible for them to spoof your email and post as you.

I therefore propose a notification setting: "notify me when I post by email". This should go to your primary registered address and basically just say, "We received an email post from address blah@blah.com, here's a link to it."

As well as being a warning if someone's spoofing you, it could also just be a good diagnostic to make sure your posts are getting through, if you don't have web access. Which after all could be a big part of why you're posting by email in the first place.

(You could make the setting be a bit cleverer, if you wanted to, by offering options like: "Notify me when I post by email: always, if spoofing is suspected, never". The "if spoofing is suspected" could be based on various things, but the obvious one that comes to me is <a href="http://en.wikipedia.org/wiki/Sender_Policy_Framework">SPF</a> records. But this is not a core part of the suggestion, just an idea for further work if someone were that way inclined.)

Poll #12344 Notifications to detect spoofing if posting by email
Open to: Registered Users, detailed results viewable to: All, participants: 49

View Respondents

This suggestion:

View Answers

Should be implemented as-is.
34 (69.4%)

Should be implemented with changes. (please comment)
0 (0.0%)

Shouldn't be implemented.
0 (0.0%)

(I have no opinion)
15 (30.6%)

(Other: please comment)
0 (0.0%)

Flat | Top-Level Comments Only
metawidget: A platypus looking pensive. (Default)

[personal profile] metawidget 2012-12-16 01:32 pm (UTC)(link)
I would appreciate this for the feedback on e-mail posting success when I am webless or too lazy to log in to two sites :)
Flat | Top-Level Comments Only