#725 sending emails for free email as the admin :S

[OCH]

Not sure if this is a problem with the source or just the way this cma fork was implemented.
whenever i see a resource there is a button to send that to a friend via email, in that window i can write whatever i want as the email subject and content. and then the person will receive an email from the email address of the person that configured this wikindx installation. I think this could be exploited in very bad ways... at the very least i would reccommend adding allways a non-editable starting text to email body with a disclaimer of where it comes from and why, so that ppl are aware. But maybe even better would be to further limit the cutomization of the subject line and email body contents.
I would also appreciate being pointed at where in the documentation this part of the setup is explained. maybe that would be helpful too to understand what is happening.
and yes these emails arrive from the email address of the person who setup this installation but with a reply-to parameter to go to noreply@noreply.org

[Mark Grimshaw]

Thanks OCH. It's in the core code—admins can turn email on and off. in the Admin|Configure interface Will check further.

[Mark Grimshaw]

To clarify: emails in this process are sent from noreply@noreply.org.

[Stéphane Aulery]

Hello OCH,

You say: "Not sure if this is a problem with the source or just the way this cma fork was implemented."

What is a "cam fork" for you, I don't understand ?

Sender address (From), Response address (Reply-to), Return address (Return-Path) are configured by the admin in a single place with other SMTP parameters.

Regards,

[OCH]

This is a fork setup by Mark for Computational Media Arts Thrust.
Yes I'd love to see where is that place where all this is
implemented/documentation you have on it.
Best,
OCH

[Stéphane Aulery]

It's defined in Configuration, tab Email.