| «« Sarcastic Dictionary (Part 1 of Many) | blog@ryanlowe.ca no more »» |
|
About
I'm Ryan Lowe, a Software Engineering graduate living in Ottawa, Canada. I like agile software development and Ruby on Rails.
I write this blog in Canadian English and don't use a spell checker. Typos happen.
Projects
» Full-time Ruby on Rails freelancer
» Full-time with Rails since May 2005 » Former committer for RadRails (now Aptana) » I also have a few Rails side-projects in development: 1. wheretogoinTO.com Toronto nightlife 2. Hey Heads Up! TODO list and sharing 3. Layered Genealogy family history research 4. foos for foosball scoring 5. fanconcert for music fans (on hold) Hiring Rails developers? I can telecommute by the hour from Ottawa, Canada »» Email: rails AT ryanlowe DOT ca
BulletBlog
Now hosted on Hey! Heads Up -- check it out!
Syndication
Pings
Recent
Derek Lowe's (Ryan's older brother) words at Ryan's funeral
blog@ryanlowe.ca no more Forging Email Headers: Good, Bad or Ugly? Sarcastic Dictionary (Part 1 of Many) Tags Hierarchies Twisting Rails is Risky Business Risky Business? My Take on Early Alphas Whoa, it's August 2007 Closing Comments A Postscript to "Growth at the grassroots" »» All Blog Posts
Linkage
del.icio.us/ryanlowe
technorati/ryanlowe.ca/blog Aurora Roy Jim Andrew Trasker Travis Kibbee Karen Dr. Unk Ayana Van Bloggers Joel Spolsky Robert Scoble Tim Bray Dave Winer Raymond Chen James Robertson Ruby/Rails Bloggers rubyonrails.org weblog David Heinemeier Hansson Dave Thomas James Duncan Davidson Mike Clark Jamis Buck Signal vs. Noise Tobias Luetke Amy Hoy: (24)slash7 Jeremy Voorhis Eclipse Bloggers Planet Eclipse EclipseZone Luis de la Rosa Eclipse Foundation Kim Horne Billy Biggs Ian Skerrett Mike Milinkovich Bjorn Freeman-Benson Denis Roy
Archives
  
|
Forging Email Headers: Good, Bad or Ugly?
My new Ruby on Rails project Hey! Heads Up (H! for short) sends quite a bit of email to notify people about updates from others. Should those updates appear to come from H! or from the person that triggered the notification? I don't know enough about email to answer that question but I'll outline the problem and you can let me know what you think. Hey! Heads up lets you manage "temporary" links. They are temporary because you don't know if you want to keep them yet or not. Maybe someone sent you an article/video/website but you don't have time to check it out. You'll still want to keep track of it until you do read it but do you really want to bookmark it in the browser or on a site like del.icio.us? H! is a "TODO" list of these temporary links, so you can prioritize them. Once you do check out the article, H! lets you send it to other people that use H! (and soon to anyone by email). When H! "sends" the item the other people are notified by email that there's a new item in their H! incoming list. Right now this email appears to be from Hey! Heads Up <help@heyheadsup.com>. Replies to this email address get forwarded to me, the website administrator. But there are all sorts of problems with this approach to notifying by email, primarily spam filters. Many people are now filtering email by their contact list and/or a whitelist to reduce spam. Unless help@heyheadsup.com is on their whitelist, people don't get H! notifications. So my question is: would it be better to "forge" these notification emails to appear as though they are coming from the sender of the item? Presumably these people are already in the contact lists of the people they are sending H! items to, so the notification has a much better chance of making it through the spam filters. As well, seeing a notification coming from a specific person instead of help@heyheadsup.com for everyone could make it easier to sort and prioritize these notification emails in a person's email inbox. Why is forging emails bad? Some spam filters could flag emails sent by mail software from one domain (like heyheadsup.com) and forged with a "from" with another (like gmail.com). But I've seen the technique used in a lot of places, so it's hard to say how much it is frowned upon. As a website creator, forging emails would essentially be sending emails on a person's behalf. How about the industry leaders? Facebook's notification emails have a from text that looks like: Facebook <notification+m1--ujud@facebookmail.com>. The strange reply address could be used to sort feedback but otherwise it's a little confusing. To top it off, using a similar-but-not-quite-the-same-domain (facebookmail.com instead of facebook.com) for emails is a common phishing technique. Are there more precedents? Is there any consensus? Opinions are appreciated. Would you want a site to send notification emails in your name? BTW, if you want to give H! a try it is in alpha testing. Fire me an email at blog[at]ryanlowe[dot]ca to join the alpha test group. Posted at October 19, 2007 at 12:22 PM ESTLast updated October 19, 2007 at 12:22 PM EST Comments
I dunno.. seems a lot like a solved problem to me. Google Toolbar has an email this page feature Tumblr makes for a very quick bookmarking service as well http://engtech.tumblr.com People use TwitThis to bookmark links to twitter all the time My guess is the value add from HeadsUp is that the people you're sending links to don't have to use the service as well? If they do, then how does it differentiate itself from this stupidly crowded social bookmarking niche? » Posted by: engtech at October 20, 2007 08:27 PMI agree: the bookmark niche is getting full. I went with a general "TODO list" first, not just bookmarks. Then I allowed "sending" to other people that use the service. Then I'm going to let people send items by email to those that don't use the service. Many of my TODO items on H! are private and not published like other bookmarking (delicious) or mini-blogging (twitter) services. When I want to share on my H! mini-blog (like after I read an article) I just click publish and it's put up for the Internet to see. I'm really scratching my own itch here, and my main thing is prioritization. I find at least a dozen things a day I want to check out, I just don't have time *right then*. Some items are articles I find on news sites, other items are links that people send me. Some are albums or movies I see somewhere and want to check out later. H! lets me keep them all together and once I've checked them out I can do something with them: publish on my mini-blog and comment on, send to a friend, bookmark permanently, etc. I'd like H! be in the middle of people's workflow for managing items to check out later. I could even make an API for both incoming and outgoing parts of the workflow. » Posted by: Ryan at October 21, 2007 02:23 PM |
