HTML List Abuse (was: "please ignore: this is only a test")

[Eugen Leitl]

On Thu, Oct 17, 2013 at 10:47:08PM -0500, brian carroll wrote:

>  so you're saying the person is reading this
>  on a two-line 80s electronic pager then?

Many people concerned with security use text-only MUAs,
as that works well over low-bandwidth mobile links and
gives less attack surface against compromises.

The less complexity, the less lines of codes and code
complexity and easier to debug. E.g. by not discarding
HTML-only (but giving preference to plain text in
multipart messages) I'm running risk for having this system
compromised, even if I render via a text browser
like links. That's ok, I consider this system sacrificial.

Rendering rich content in a GUI is courting disaster.
You will get nailed, and be it just malware from spam.

You can assume that people who care know this, so
text-only correlates with old hands and/or high clue.