Comments (4)
I didn't find anything specific in the RFC, but some parts of the "Authentication" and "Security Considerations" chapters indicate that yes, when we receive a REPLY from an external user, we should process this from Mail into the calendar. But only for the ORGANIZER.
Is the RFC you are referencing this one?
We don't have this at the moment.
Theoretically, we should only accept messages that are S/MIME signed if we want to process them automatically. @PatrickJosh are such replies from external users signed for you?
No, they are not. I can provide you one of these emails if you want, but since they contain quite a lot of personal information, preferably privately (e.g. via email).
But you can also easily generate one yourself if you have a GMail address; just invite this address and accept the invitation using GMail's UI, i.e. not by clicking the link that leads to the organiser's Nextcloud.
If they're not, we should offer the ORGANIZER a choice - would they like to process the message or would they like to ignore it?
That sounds sensible from a security point of view.
from mail.
@miaulalala should this be covered by #6812?
from mail.
I didn't find anything specific in the RFC, but some parts of the "Authentication" and "Security Considerations" chapters indicate that yes, when we receive a REPLY from an external user, we should process this from Mail into the calendar. But only for the ORGANIZER.
We don't have this at the moment.
Theoretically, we should only accept messages that are S/MIME signed if we want to process them automatically. @PatrickJosh are such replies from external users signed for you?
If they're not, we should offer the ORGANIZER a choice - would they like to process the message or would they like to ignore it?
from mail.
I have the same issue with outlook.com invitations. People will always click on the "yes" or "no" at the top and this handled correct by all email clients I used so far.
from mail.
Related Issues (20)
- Recipient info next to mail composer
- Call to a member function getTotal() on null - by cron background job
- Drop Down contact list freezes HOT 3
- Dashboard Widget - if an email account can't be connected to, the whole widget stops working
- All incoming email is classified as important HOT 2
- Missing loading skeleton after reloading page on list layout
- Content not displayed of some html emails (Probably blocked?)
- CTRL + click opens modal editor when selecting drafts HOT 1
- Cannot download attachement to Nextcloud Files HOT 2
- Link in navbar doesn't lead to Mail HOT 1
- Mails deleted from server will not be automatically deleted at mail and cannot be deleted afterwards manually HOT 2
- Optional parameter $bcc declared before required parameter $body is implicitly treated as a required parameter at /var/www/nextcloud/apps/mail/lib/Model/NewMessageData.php#120 HOT 1
- The mail app is not updated HOT 1
- "Save all to Files" and "Download Zip" don't work with *.EML attachments
- Authenticated ciphertext could not be decoded HOT 11
- Can't sign in to QQ mailbox HOT 4
- flag external mails
- Mails do not load since 3.6.1 mailboxlocked error HOT 2
- Searching results in "Could not open inbox" most of the time (approx. 9/10 cases) HOT 1
- Minimised composer session style broken
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from mail.