From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.io/gmane.emacs.gnus.general/37562 Path: main.gmane.org!not-for-mail From: Harry Putnam Newsgroups: gmane.emacs.gnus.general Subject: Small suggestion for future Oort Date: 06 Aug 2001 10:40:21 -0700 Message-ID: NNTP-Posting-Host: coloc-standby.netfonds.no Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Trace: main.gmane.org 1035172954 14510 80.91.224.250 (21 Oct 2002 04:02:34 GMT) X-Complaints-To: usenet@main.gmane.org NNTP-Posting-Date: Mon, 21 Oct 2002 04:02:34 +0000 (UTC) Return-Path: Return-Path: Original-Received: (qmail 22023 invoked from network); 6 Aug 2001 17:40:27 -0000 Original-Received: from mail.networkone.net (209.144.112.246) by gnus.org with SMTP; 6 Aug 2001 17:40:27 -0000 Original-Received: (qmail 10692 invoked from network); 6 Aug 2001 17:40:24 -0000 Original-Received: from unknown (HELO reader.local.lan) (209.144.117.151) by mail.networkone.net with SMTP; 6 Aug 2001 17:40:24 -0000 Original-Received: (from reader@localhost) by reader.local.lan (8.11.2/8.11.0) id f76HeLs07087; Mon, 6 Aug 2001 10:40:21 -0700 X-Authentication-Warning: reader.local.lan: reader set sender to reader@newsguy.com using -f Original-To: ding@gnus.org User-Agent: Gnus/5.090003 (Oort Gnus v0.03) Emacs/21.0.104 Original-Lines: 46 Xref: main.gmane.org gmane.emacs.gnus.general:37562 X-Report-Spam: http://spam.gmane.org/gmane.emacs.gnus.general:37562 There has always been some confusion surrounding Wide reply (F). It is a nice feature as it stands but can lead to bad results, if the user is not observant. I get bit by it fairly often... and it can have bad results in this way. You grow accustomed to using `F' for all replies, at least I have. And justifiably so since many of my groups contain a `to-address' in G p (group params) However when that param is lacking, I send unwanted Cc's fairly often. In one case it could have had disastrous results. I mailed a tmp passwd to someone and didn't notice the Cc in the original message to a mail list. Naturally the passwd was posted on the list as well as going to the intended recipient. Had I not noticed and had that list been a big public one, it could have led to a root compromise. I'm aware of the dangers of sending a passwd in clear text, but it should be fairly safe, if you keep a tight machine and are not seeing signs of someone reading your mail. And it was a temp passwd that would at best get someone logged in as a restricted user. Unless that someone was an experienced hack, it should not result in great harm. However had I posted it on a busy public group, the chances of attracting an experienced `black hat' would be far greater. I set gnus to show all outgoing headers long ago for this very reason but apparently, just having that Cc visible in the composition buffer still isn't enough to always get my attention. I want a feature that queries me about the Cc field on sending. Something like the warning you get with over 79 chars on a line. Or when you left the subject field empty. It could be toggled on or off. And would stop the sending action and ask the user if they want the Cc field as is (with a display in echo area). RET would be `no' or blank, or press up-arrow key for the default (as is) then RET. People who use `Cc' a lot could turn it off or it could be off by default. When `on', the query would only happen when the Cc field was not blank.