Unconditional unsubscribe via email footer

Denial of Service

I am testing “reply by email” for a forum, and discovered that the posted response includes the entire quoted message as sent by gmail. It’s obscured by being in an auto-hidden “…” but still includes the “unsubscribe by email footer” text and unsubscribe link, which is obviously a Denial of Service security flaw.

@codinghorror says to turn that off as the solution, so I turned off “unsubscribe via email footer”, which I had turned on for user convenience (and reputation management), but I’m still getting emails with unsubscribe links in the footer.

I’m running Discourse 2.6.0.beta2 1acb2f752bd9075472cd4e8d1b14196e6289f51b

1 Like

Which mail provider are you using? Many will insist on inserting their own links to unsubscribe. Have you confirmed that the links which show up point to your instance rather than said mail providers?

1 Like

You can disable that by disabling the always show trimmed content site setting. As an admin you will still be able to see the full email by clicking on the envelope icon in the top right corner of a post created via email.

2 Likes

Sorry, I conflated things. @codinghorror described that as the solution, but it doesn’t remove an unsubscribe key in the footer entirely; it just (as the help text points out) changes the URL protocol between mailto and https, which in either case is exposing the unsubscribe key.

To be further clear, I’m using my own sendmail server on another system, which is definitely not configured to add any links or any other content at all. In addition, the actual links are discourse-generated, of the form https://${myforum}/email/unsubscribe/${uniqueId} which would not match something generated by another server.

Now, having tested it between non-admin users, I see that the link requires authentication, so it’s just ugly to have it, and a waste of database space, and not a DoS. :sweat_smile:

I’m not complaining about it being obscured. I’m complaining about it being present (even though obscured).

I have always had this setting, which has to the best of my knowledge never changed in site history:

I am clicking on the ellipsis icon within the post to see the quoted text.

Have I missed a configuration to entirely remove a trailing quoted section from a response? My main reason for not wanting to turn on reply-by-email has been precisely how much quote noise it injects into the forum. It makes the “lazy” use of the easy reply-by-email feature reduce the value of a forum. Laziness is one of the primary virtues of a programmer; I’m not denigrating laziness here!
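As an added illustration of the problem described in this thread (not Discourse's own code), the following Ruby filter trims an inbound reply-by-email body at the Gmail-style quoted trailer and redacts any `/email/unsubscribe/<key>` link that survives, so a per-user unsubscribe key is never posted even if the quoted section is kept. The forum hostname, key and message below are constructed sample values.

```ruby
# Added example: strip the quoted trailer from a reply-by-email body and
# redact leaked unsubscribe links before the text becomes a post.
# Not Discourse's implementation; constructed for illustration.

# Matches links of the form https://<forum>/email/unsubscribe/<key>
UNSUBSCRIBE_LINK = %r{https?://[^\s/]+/email/unsubscribe/\S+}

# Index of the first line that begins the quoted message, or nil.
# Handles ">"-prefixed lines and the Gmail header "On <date> <sender> wrote:",
# which Gmail may wrap across up to three lines.
def quote_start_index(lines)
  lines.each_with_index do |line, i|
    return i if line.start_with?(">")
    return i if line.start_with?("On ") && lines[i, 3].join =~ /\bwrote:\s*$/
  end
  nil
end

def trim_quoted_trailer(body)
  lines = body.lines
  idx = quote_start_index(lines)
  return body.strip if idx.nil?
  lines[0...idx].join.strip
end

def redact_unsubscribe_links(text)
  text.gsub(UNSUBSCRIBE_LINK, "[unsubscribe link removed]")
end

# Full pipeline: trim first, then redact anything the user pasted inline.
def sanitize_reply(body)
  redact_unsubscribe_links(trim_quoted_trailer(body))
end

# Detection helper: which unsubscribe keys would this body have leaked?
def leaked_keys(body)
  body.scan(UNSUBSCRIBE_LINK).map { |url| url.split("/").last }
end

# Constructed sample reply as Gmail would send it
SAMPLE = <<~MAIL
  Thanks, that fixes it for me.

  On Mon, Jan 4, 2021 at 9:15 AM Forum <noreply@forum.example> wrote:
  > Someone replied to your post.
  >
  > To unsubscribe from these emails, click here:
  > https://forum.example/email/unsubscribe/0123456789abcdef
MAIL

puts sanitize_reply(SAMPLE) if $PROGRAM_NAME == __FILE__
```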