HTML by default in KMail
txwikinger at ubuntu.com
Fri Aug 6 15:42:53 BST 2010
On 08/06/2010 09:47 AM, Scott Kitterman wrote:
> On Friday, August 06, 2010 06:42:54 am Myriam Schweingruber wrote:
>> On Fri, Aug 6, 2010 at 12:28, Jonathan Riddell<jriddell at ubuntu.com> wrote:
>>> At Akademy I queried the current and past KMail maintainers about HTML
>>> by default in e-mails. They seemed to agree that it was a bit old
>>> fashioned to be keeping it off and agreed it would be fine to turn it
>>> on by default (in Kubuntu and upstream). It seems unfriendly to me to
>>> show a message with most e-mails that the programme is hiding
>>> something from the user.
>>> KMail has large warnings in it's config box about security problems
>>> that might magically appear. I can imagine it would help with
>>> As someone who uses a terminal programme for my e-mail I doubt my
>>> opinion weights for much but I'd like to hear thoughts people have on
>>> the setting.
>> I am strongly against turning it on. I don't see a valid reason to
>> turn it on btw, as the user always gets an option to allow displaying
>> of pictures/graphics for a particular sender. Also since half of the
>> mail I get during the day is spam and they tend to often send HTML, I
>> am very glad it is turned off by default.
>> A Linux system is by default secure, enabling HTML is certainly not.
>> Let the users who want to have it turn it on by themselves, but don't
>> do so by default. I would really hate it to see kmail users of the
>> future send html by default to mailing lists...
>> Regards, Myriam.
> I agree with this. Yes, plain text by default may seem a bit old fashioned,
> but HTML by default opens a large number of additional code paths to potential
> exploits (and it appears to be very difficult to write secure HTML parsers).
> The system should default to a safe/secure configuration that users can change
> if they choose.
> Scott K
More information about the kubuntu-devel