From 8dfe3d1e8f1d9571e1f11da75ff5956f3b1ef4a0 Mon Sep 17 00:00:00 2001 From: Stefan Kangas Date: Tue, 12 Oct 2021 06:30:20 +0200 Subject: [PATCH] Recommend against using uce.el * lisp/mail/uce.el: Recommend against its use. (Bug#46472) --- lisp/mail/uce.el | 31 ++++++++++++++++++++++++++++++- 1 file changed, 30 insertions(+), 1 deletion(-) diff --git a/lisp/mail/uce.el b/lisp/mail/uce.el index b07004de38..7d59986ae2 100644 --- a/lisp/mail/uce.el +++ b/lisp/mail/uce.el @@ -358,7 +358,36 @@ uce-reply-to-uce ;; Run hooks before we leave buffer for editing. Reasonable usage ;; might be to set up special key bindings, replace standard ;; functions in mail-mode, etc. - (run-hooks 'mail-setup-hook 'uce-setup-hook)))) + (run-hooks 'mail-setup-hook 'uce-setup-hook))) + (pop-to-buffer (get-buffer-create "uce-reply-to-uce warning")) + (insert "-- !!! NOTE !!! -------------------------------------------- + +Replying to spam is at best pointless, but most likely actively +harmful. + +- You will confirm that your email address is valid, thus ensuring + you get more spam. + +- You will leak information (e.g. on your email server and + setup), thus opening yourself up for further attack. They are + likely to find your IP and \"geolocation\"), which often makes + it trivial to find e.g. your home address and phone number. + +- The sender address is likely fake. The abuse@domain is + unlikely to be able to do anything. + +- You open yourself up to various kinds of social engineering. + +- You confirm that the email did not land in your spam folder. + (This helps them refine their methods of spamming.) + +- Scammers have been known to threaten, intimidate, and use other + forms of criminal manipulation. Replying to spam can lead down + a path that you may not want to be on. + +Therefore, we strongly recommend that you do not use this package. +Use a spam filter instead, or just delete the spam. +")) (defun uce-insert-ranting (&optional _ignored) "Insert text of the usual reply to UCE into current buffer." -- 2.30.2