Blog
It's The Little Things
Date: 30/9/2005
Sometimes it's the little things that makes one peice of software so endearing over another. Take for instance when you forward an email with attachments in Scribe it asks you whether you want to forward the attachments as well. Something so simple yet, more than one person has commented on how useful that is. There are lots of other little examples of those sort of things already in Scribe but I'm thinking about adding 2 interesting new features and some feedback would be appreciated.

Firstly, a friend mentioned that people forget their attachments all the time, and well why not check the body of the message to see if it mentions attachments and warn the user if there is no attachment when they try and send the message. Cute idea but I'm not sure how I would implement that. Do I just check for the words 'attached' or 'attachment'? Or some list of phrases? What about internationalisation? Obviously there would need to be an option to turn that off as well.

Secondly, with the rise of phishing on the internet, I am in a position to do something about it, in that many times phishing is initiated by a spam email made to look like it came from some financial establishment. Usually in HTML format the links are the right URL in the text, but the href has been subtly mangled to point at the phisher's site. So the email client could do an automatic check against the text of the link and the href, and match them up. In the case that the text is in the form of an URI obviously. I just check that the hostname part matches within some tolerance, e.g. www.hostname.com = hostname.com, and so on. If they are different e.g. www.hostname.com != www.host-name.com then I can warn the user that something "fishy" is going on. If it saves just one person from losing all their savings it's probably worth it.

There may be other little feature ideas like that that you might know about so don't be shy, post a comment. And even though I might not implement anything or everything, I'm interested none the less.
Comments:
SnappyCrunch
30/09/2005 3:21am
I like the attachment reminder idea, so long as it looks like the "set scribe as default email client" dialog, and you can disable the feature on the fly without having to hunt through the options to get to it.

As far as the anti-phishing goes, I'd be satisfied with a slashdot-like approach, where the hostname is displayed in brackets after the link itself.
exosceleton
30/09/2005 8:32am
i especially like the attachment idea.
(remember, i am the one who needs to reset to default ident on startup, see forum, so no need to say: this hapens to me regularly)
Put in an option (config/ini file?) for the user to specify wich word(s) to use.

In my opinion the option to dis/enable a feature is very important. Or, better yet, make these kinds of options available through a plugin. This will help keep a simple compact 'skeleton' scribe install possible.

Be carefull with "thinking for the user" aka assuming a user wants to do something, when he is actually doing someting else. We have microsoft for that.

30mil
30/09/2005 9:18pm
I agree with SnappyCrunch on the attachments. Novel approach.

One thing I would like to see is a bounce template for spam. I forget which, but there is an email client out there that can bounce a spam message back to it's source. It removes certain details in the header so as to make it appear as if it failed to get to the intended recipient. Some kind of standard "......Sorry, I've given up....." text that you get back when you send an email to an address that doesn't exist? This tactic supposedly gets your email addy removed from the spammers list and consequently wherever that list gets sold, copied, or sent to.

For phishing, it may be prudent to have an option to warn of possible phishing attempt using your mentioned ideas. Maybe if the link text and href don't 'jive' a window or text bubble pops up and warns the user a then goes away after a few seconds or when the user clicks on it. Poosibly the warning could include whatever discepancy was found. Of course this opens the door to whitelists as well ("Always trust mail from "@isp.whatever". You'll need some way to control the good stuff so it doesn't get flagged.
30Mil
30/09/2005 9:28pm
Expanding on my anit-phishing comments:
Along with a whitelist of isp's you may include an option to "Ignore anti-phishing rules if sender is in the contacts list."

That would prevent a whole bunch of info windows and warnings.
Ecragi
04/10/2005 2:24pm
Hi:
I like the idea of the bounce template for spam that 30mil talks about. It would be nice to get revenge on those spamers ad if it helps to remove your e-mail from their list the better.
fret
04/10/2005 8:31pm
I have not seen any evidence that spammers process "no user here" messages to remove addresses from their lists. So the utility of such a function is doubtful.
 
Reply
From:
Email (optional): (Will be HTML encoded to evade harvesting)
Message:
 
Remember username and/or email in a cookie.
Notify me of new posts in this thread via email.
BBcode:
					[q]text[/q]
					[url=link]description[/url]
					[img]url_to_image[/img]
					[pre]some_code[/pre]
[b]bold_text[/b]