Open Source Applications Foundation

[Design] disable message preview for certain folders

Brian Wilson Tue, 17 Dec 2002 18:41:57 -0800 

[Jim writes]
> My original idea was less to do with virus's and more to do with spam
> containing unwanted remote html links (bugs) that spammers use to track
> people.

Hiding from spammers sucks, because you end up hiding from everyone
else too.  If being "tracked" is a problem, there are better, more
sophisticated
ways to prevent it than disabling remote html links.

I know it is self serving for my company, but Chandler should not even
try to do any anti-spam techniques, it's really too much additional
work that will just distract you.  Instead, Chandler needs to provide a
solid, simple API that allows a variety of anti-spam products such as
Matador and Cloudmark and DeerSoft to take advantage of.  We're all
putting large amounts of man-power and thought into this problem,
and nobody is really sure which technique or techniques are right, and I
claim one solution won't fit all users.  Let us do our products, we'll
provide you a variety of very powerful tools to choose from.

When Chandler gets around to needing an anti-spam plugin API (probably
shared with the anti-virus API), we would like to be involved in defining
it.  But it isn't really all that complicated, and let me rant just a
little here:

  A Good Anti-Spam API:
  ----------------------------
  1) Reliably give an event the instant EVERY email arrives, no matter on
      what account it arrives into, or if the email client has been asleep,
or
      working offline, or whatever.   This seems obvious, but it turns out
no
      email client we have looked at has gotten this right yet.

  2) MUST preserve the *envelope* and not just the email headers.  A
      good example is if the recipient is "bcc'ed" then their email address
      only appears in the "envelope" and it does not appear anywhere in
      the headers.  Anti-Spam software needs this, please do not throw it
      away.   If you have two email accounts you are POP3'ing, then we
      need to know which one the email was truly destined for.

  3) Adhere to RFC 822 standards, and store the original email in all it's
      untouched glory.  Do not try to get clever and pre-parse the email
into
      a structured database format and throw away the original
      standard form.  You may think you are throwing away unimportant
      information, but you would be dead wrong.

Ok, rant over.  :-)   A complete anti-spam plugin API can be described
in a few short pages, it isn't rocket science.

-- Brian Wilson
    brianw@mailfrontier.com
    http://www.mailfrontier.com (to try our Spam blocking software)