GNU bug report logs - #46472
Make lisp/mail/uce.el obsolete

Previous Next

Full log

View this message in rfc822 format

From: Eli Zaretskii <eliz <at> gnu.org>
To: Stefan Kangas <stefan <at> marxist.se>
Cc: rgm <at> gnu.org, monnier <at> iro.umontreal.ca, 46472 <at> debbugs.gnu.org
Subject: bug#46472: Make lisp/mail/uce.el obsolete
Date: Tue, 12 Oct 2021 16:52:09 +0300

> From: Stefan Kangas <stefan <at> marxist.se>
> Date: Mon, 11 Oct 2021 21:33:31 -0700
> Cc: 46472 <at> debbugs.gnu.org, Glenn Morris <rgm <at> gnu.org>, 
> 	Stefan Monnier <monnier <at> iro.umontreal.ca>
> 
> Eli Zaretskii <eliz <at> gnu.org> writes:
> 
> > The method of "recommendation" you propose is too strong for my
> > palate, sorry.  In general, I believe that people should be left to
> > their devices unless what they do causes harm to others.
> > Second-guessing other people under the assumption that we know better
> > is something I don't like doing, and don't like others doing to me.
> >
> > How about adding some warnings to uce.el instead, either in the
> > commentary or when the main entry point is invoked for the first time
> > in a session?
> 
> Is this okay for emacs-28?

No, please leave unnecessary changes out of emacs-28.

>  ;; The code in this file provides a semi-automatic means of replying
> -;; to unsolicited commercial email (UCE) you might get.  Currently, it
> -;; only works with Rmail and Gnus.  If you would like to make it work
> -;; with other mail readers, see the mail-client dependent section of
> -;; uce-reply-to-uce.  Please let me know about your changes so I can
> -;; incorporate them.  I'd appreciate it.
> +;; to unsolicited commercial email (UCE) you might get.

I would leave the original text intact, as dividing it into two splits
the description of the package, and the additional text is too long to
keep the beginning in mind.

> +;; -- !!! NOTE !!! --------------------------------------------
> +;;
> +;; Replying to spam is at best pointless, but most likely actively
> +;; harmful.
> +;;
> +;; - You will confirm that your email address is valid, thus ensuring
> +;;   you get more spam.  Spammers use tricks like getting you to reply
> +;;   and/or clicking unsubscribe links, etc. to confirm that you
> +;;   should stay on their lists.
> +;;
> +;; - You will leak information (e.g. on your email server and setup),
> +;;   thus opening yourself up for further attack.  More importantly,
> +;;   they are likely to find your IP, thus your physical location (see
> +;;   "geolocation"), and by combining that data with your name it
> +;;   should be trivial to find e.g. your home address and phone
> +;;   number.

These two paragraphs basically says the same, so you could say the
same more concisely and to the point by combining them.

> +;; - You open yourself up to various kinds of social engineering.
> +;;   This could be the first in a planned exchange where they will
> +;;   attempt to trick you to divulge sensitive information.
> +;;
> +;; - You confirm that the email landed in your inbox, and not the spam
> +;;   folder.  This confirms to them that their current method of
> +;;   spamming is useful, and helps them continue.

These two just reiterate what you already said.

> +;; - Scammers have been known to threaten, intimidate, and use other
> +;;   forms of criminal manipulation.  Be aware that replying to spam
> +;;   can lead down a path that you may not want to be on.

Likewise.

So I think the same message could be usefully conveyed with much fewer
words.

> +(defcustom uce-i-want-to-use-this nil
> +  "Non-nil means that you don't want the warning message about this package.
> +See `uce-reply-to-uce' for background."
> +  :type 'boolean
> +  :version "28.1")

This is redundant, since users that don't want this should not load
the package.

> @@ -218,7 +266,44 @@ uce-reply-to-uce
>    "Compose a reply to unsolicited commercial email (UCE).
>  Sets up a reply buffer addressed to: the sender, his postmaster,
>  his abuse@ address, and the postmaster of the mail relay used.
> -You might need to set `uce-mail-reader' before using this."
> +You might need to set `uce-mail-reader' before using this.
> +
> +-- !!! NOTE !!! --------------------------------------------
> +
> +Replying to spam is at best pointless, but most likely actively
> +harmful.

Why the same text again?

> +  (unless uce-i-want-to-use-this
> +    (pop-to-buffer (get-buffer-create "uce-reply-to-uce warning"))
> +    (insert "-- !!! NOTE !!! --------------------------------------------

And again?

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.