Skip to main content

Blacklist by email

Comments

6 comments

  • Tom Johnson

    Hi Gene-

    It's an interesting possibility.  Given how easy it is  to forge email FROM addresses, we'd have to put some other limitations in place....but it's something to which we shall give some serious thought.

    Sorry for the long delay in responding.  We're still working through some issues with our ticketing system - we just got a bunch of notifications of messages posted here. 

    0
  • Tom Johnson

    We're still kicking this idea around.  But our big stumbling block is still this one: how to prevent a user from forging an email and white or blacklisting an address?  We can check the origin of the request, but that wouldn't keep a disgruntled employee from, oh, say blacklisting something for their boss.

    We could require people to include some sort of "email control password" perhaps.

    And we're open to other suggestions......

    0
  • Scott Wright

    What about a plus address that includes the "Blacklist Password" blacklist+password@mailroute.net (Option 1)

    Same feature request for whitelists.

    Another option (2a) might be a confirmation email, where a link would have to be clicked to confirm the white or black listing.

    Option (2b) confirmation or summary email to the main listed email address, but just informational : Today we whitelisted/ blacklisted the following addresses.

    0
  • Ben Dodson

    This hasn't been updated for a long time but it looks like this feature still doesn't exist. I'm getting quite a few spam emails still and it's a bit of a pain having to keep coming to the MailRoute website to blacklist them (as I don't do anything else via the web interface - checking my list happens daily via email from which I can recover and whitelist).

     

    My proposal for how you get around the security problem and forging of email addresses is that you simply create a token for the user and give them a customised blacklist address i.e. blacklist+abcdefghi123@mailroute.net (where "abcdefghi123" is a unique token for the user, not their password). This is how lots of other services that work via email get around this issue and for extra points you can give an option to reset that token and include a digest of blacklisted addresses in the daily email. This would improve my workflow a lot.

    0
  • David Veeneman

    I'd like to second this request. As to the disgruntled employee, they could do any one of a number of things to sabotage their boss. You can't prevent it from happening; you can only take reasonable steps such that a boss who is minding the store will get notice of a blacklist. A daily notification email to the boss' address would seem to take care of that, and requiring a password in the subject line should prevent spoofing.

    0
  • MailRoute Support

    Originally posted by Ben Dodson September 15, 2016, 05:15

    I've just come back to MailRoute after a ditching it for a year - surprised to see that blacklisting via email isn't yet possible (as can be done securely and relatively easily as outlined above). If you're a developer, you can take a look at the custom solution I've built with context.io (free) that lets me blacklist via email - https://bendodson.com/weblog/2016/09/15/mailroute-blacklisting-via-...

    I'd still like to see this implemented natively though!

     
    0

Please sign in to leave a comment.