http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=3280 Ian Walls <ian.walls@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |ian.walls@bywatersolutions. | |com --- Comment #1 from Ian Walls <ian.walls@bywatersolutions.com> 2011-12-04 18:01:52 UTC --- Confirmed this is still an issue. Not sure there is any good way around this. To truly solve the issue, we'd need to be able to separate the spam from the ham (as it were), which is too subjective to handle systematically. Perhaps instead of allowing arbitrary email addresses, we only allow either other borrowernumbers (so you can send to your friends) or a selection of one of the patron's own email addresses. The latter would be much easier than the former. This would reduce the flexibility of opac-sendbasket, but I think that flexibility is the fundamental security issue here. -- Configure bugmail: http://bugs.koha-community.org/bugzilla3/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the QA Contact for the bug. You are watching all bug changes.