Sonic.net

kgc wrote: we're currently working on reclaiming as much slack space as possible to get more on the screen at a time.

Could those 'white space' bars also simply be left off when you scroll down to the next screen (as they are in Squirrel)?

I have a computer running an old version of Debian. It cannot run the new webmail because my browser is too old. It would be too bad to have NO access to webmail, if you discontinue the other webmail options.

-- Robert Neff
(It is: Firefox 2.0.0.4, on Debian older than oldstable. (Kernel is 2.6.18-6-686).

virtualmike wrote:

Guesty Guesterson wrote:Also...
When I try to use RoundCube's 'right-click' features, the options are obscured by my OS's contextual menu (which is also activated by a click of the right mouse-button). Seems like a bug (or at least an annoyance) in the RoundCube Interface.

Is it your OS' context menu, or your browser's?

I get that behavior, but it's my browser's context menu. I could change a setting in the browser, but there are a couple of web sites that I use that intentionally disable the right-click context menu, preventing me from using several of its functions. In that situation, all I need to do is press the Esc key, which dismisses the browser's menu and lets me use the page's menu.

It's my OS... as I said. Because of my physical disabilities, the ESC key is mapped to perform a function that helps make it a little easier for me to use my PC. Your solution won't work for me.

The RoundCube really is a pain for me. If it becomes the only option, I'll probably end up leaving sonic. I really wonder if some law firms will make an Americans with Disabilities Act issue out of this for sonic. If history is any guide, I think it may happen.

Please explain to me how it could be an ADA issue, if they provide IMAP, and POP3 access, in which someone with disabilities could utilize an accessible mail client?

kgc wrote:@nliten - we've discussed this at some length and what you see is the result of those conversations.

The synthetic Received header amounts to the same thing added by our outbound SMTP servers when mail is sent through them. All major webmail providers except for gmail (as far as I'm aware) also generate this synthetic header. This has the distinct advantage that the receiving server is able to process the received headers to the original source for use in spam filtering and affords webmail users no more or no less anonymity than users that choose to use their own clients.

The plugin that you've pointed out encrypts this header but that results in a positive score in SpamAssassin due to it having an unparsable received header.

On the other hand, the data in the X-Sender could be encrypted, we'd just need to write/modify a plugin to do it.

Thanks very much for your response Kelsey.

I do see your points regarding the added "Received" header and respect your decision and reasoning to implement it, although I would personally prefer that it be dropped completely. I also had not considered that an encrypted and therefore non-parsable "Received" header would get scored and/or flagged by SPAM filtering software.

However, the "X-Sender", "X-Atmail-Account" or similar headers are of greater concern vs. the "Received" header because the data of these headers contains the immediately exploitable Sonic User Account email address. Exposing this email address undermines the benefit of using an "Alias" Sonic or other Domain based email address to keep the actual Sonic User Account email address private.

This and similar "X-" headers have clearly been harvested resulting in SPAM proliferation targeted at the respective email address. In numerous cases the email address revealed in this header was never used or provided to anyone and could not have been easily discovered from any other source or email header.

Please do consider resolving this by either encrypting the Username portion of the "X-" header data, populating it with a null data value or removing it altogether.

It should be noted that the RoundCube plug-in (with the unpacked file name: "log_sender.php") previously posted DOESN'T encrypt the "Received" header but, encrypts the "X-Sender" header but, only IF the "Received" header was already encrypted by adding the option to encrypt it in the RoundCube Main Configuration file, "main.inc.php":
$rcmail_config['http_received_header_encrypt'] = true;
Defualt Config setting is: $rcmail_config['http_received_header_encrypt'] = false;

Alternative plug-in solution...
The following plug-in code may accomplish the goal of encrypting only the Username (Sonic User Account Email) added to the "X-Sender" header WITHOUT requiring that the "Received" header be encrypted or that any other changes be made to the RoundCube Main Configuration file, "main.inc.php". The plug-in code below was inspired by the plug-in code referenced in my previous post.

Please Note: There may already be a plug-in installed that is currently adding the un-encrypted Username to the "X-Sender" header. If so, it may need to be modified or de-activated and removed.
Edits: Quote added, spelling, clarification and emphasis corrections.

Guest wrote:Please explain to me how it could be an ADA issue, if they provide IMAP, and POP3 access, in which someone with disabilities could utilize an accessible mail client?

Take a look at "National Federation of the Blind v. Target Corp" back in 2007. A court ruled that Target was in violation of the Americans with Disabilities Act, particularly because the website offered exclusive offers that affected the use of Target's brick-and-mortar stores (the ADA specifically applies to physical spaces) and the Target.com website was not reasonably accessible. Many people took this as a foot in the door for the ADA becoming a major web design concern.

Concern about lawsuits should be the least reason to want an interface to be accessible. Content should be accessible because it exists to be accessed. The goal here should be to provide the best interface possible, not to cover our behinds.

rmrneff wrote:I have a computer running an old version of Debian. It cannot run the new webmail because my browser is too old. It would be too bad to have NO access to webmail, if you discontinue the other webmail options.

Robert, is there a reason why you haven't upgraded the OS? You may (even though it is such an old install) be able to run a static build of a newer version of Firefox or Chrome.

I have to point out to the people running these old browsers -- there's probably a 99.9% chance that your browser is remotely exploitable and could allow a malicious site to take complete control over your system.

kgc wrote:I have to point out to the people running these old browsers -- there's probably a 99.9% chance that your browser is remotely exploitable and could allow a malicious site to take complete control over your system.

Isn't this also an issue with these old webmail frameworks, too? The risk is serverside, probably, but definitely hard to keep all that old stuff updated.

Much more user friendly than the older version and I'm glad to have a "signature" I can add to emails however the signature gets posted to the very bottom of the email. I would prefer the signature get posted where my cursor is. I've ended up cutting it from the bottom and placing it where I want. Is there a setting I can adjust to change this or is it a software glitch?

My first comments never got posted so I'm trying again...Hate the new email. Must scroll to read even a short email. Worst of all: can only file emails into personal folders by right clicking message then it took me 16 mouse clicks to file one message and I don't have that many folders. How can anyone call that an improvement ???? Why is there no move message button on the menu bar/toolbar any more?? That is one of the most common actions one does with email. Can we still login to the old email?? I don't want to have anything to do with the new one if this is what it's like. My browser is Mozilla Firefox.