View Single Post
  #21 (permalink)  
Old June 20th, 2003, 08:44 AM
bluckcuck bluckcuck is offline
Friend of Wrox
Join Date: May 2003
Location: Indianapolis, IN, USA.
Posts: 207
Thanks: 0
Thanked 1 Time in 1 Post

quote:Originally posted by KenSchaefer
 They could be given a pass-phrase to include at the top of each message (it could be included automatically when the original message goes out to the "trusted poster"). When I reply, this pass-phrase is automatically included in the reply, and checked for by the Wrox email system (this is kinda similar to how LSoft's Listserv allows administrators to change list configuration/moderate via email).
I think Ken's idea is interesting and expanding on it may also solve another technical problem .

The problem revolves around matching the reply email back to the correct topic in the forums. In the Snitz database structure there are two tables that house postings: TOPICS and REPLY. The TOPICS table links the posting to a category and forum and contains the original topic message. The REPLY record links to the TOPIC record. This structure allows topics to be moved from one forum to another and have all the replies remain attached. This is also why when a topic is deleted, all its related replies are removed through a delete-cascade mechanism.

When the email reply comes back, we need to determine some classifying information to correctly update the database.

First: Which forum does this reply belong to? This one's relatively easy to resolve as the receiving mailbox would be associated with a forum.

Secondly: Which topic is this a reply to? This is more complicated as simply parsing the subject after the "re:" and looking for a topic match is not guaranteed to be reliable. There's no requirement in email replies that standardizes the reply subject line. Also, there is a possibility of more than one topic in a forum having the same subject.

As a possible solution, I propose expanding on Ken's idea to have the passphrase be effectively a "one-time use" posting password. This posting password would be encoded with a topic ID number, and information positively identifying the forum member that is allowed to use the password (maybe by encoding their password or some other private key contained on the MEMBERS record in the forum).

The downside to this might come from out of office replies, delivery notifications, etc.

One advantage to having to include posting password or PGP signature is that it ensures that the person replying is "really there" and solves points 1,4,5 & 6. By actively needing to add the password, automated systems that reply will be automatically blocked. By using the passphrase method, automated systems would not necessarily be blocked as they could reply by quoting the original message - which would include the passphrase. I have seen delivery notifications, out of office, and delivery warnings that work this way.

Bruce Luckcuck
Director, Applications & Support Services
Wiley Publishing, Inc.