[Coco] Document Formatting (was: Hello All)

John E. Malmberg wb8tyw at qsl.net
Sun May 30 20:57:29 EDT 2004 

Robert Emery wrote:

> I'm still a little confused as to what this SP2 will actually do. It looks like
> you're saying it will put everyone back to text-only, not allowing html email
> content by default rather than relying on a user setting it that way.

The problem with HTML or rich text being sent as default is that it is 
making an assumption that the receiver is able to deal with the content. 
  One of my relatives thinking that they were doing a favor put my 
e-mail addresses in on an information sheet for a web page.  That web 
page sent an e-mail that was 2 Megabytes in size.  Just to make sure 
that it arrived OK, they sent 4 copies.

The web site apparently did not tell them how big the e-mail would be or 
in what format.

A sender must not ever assume by default that anything other than plain 
text is welcome by the recipient.  Mail client software that makes that 
assumption by default is either being ignorant of existing history, or 
trying to force a shift.  And IMHO, trying to force such a shift is rude.

New users to Internet e-mail should be warned that they should only send 
HTML or rich text to receivers that want it as it is an "Extension" to 
standard e-mail.

Getting the mail clients to default to plain text for Internet e-mail is 
a good thing.

Mozilla has three settings.

    Plain Text.
    Basic HTML.
    Full HTML.

Basic HTML will only use a subset of functions, none of the exploitable 
HTML code will run.

Full HTML will do everything, with the exceptions below.

Scripting is separately enabled/disabled by the user.  [This should be 
done for safety]

Display of external links is enabled/disabled by the user.  Not only 
does this allow the spammer to confirm that your ISP has poor spam 
control, at least one spammer is including a boot loader to download 
some addition spyware.  Some folks on news.admin.net-abuse.email are 
trying to figure out what exactly it does.  Apparently it is not 
tripping the all of the virus scanners.

Display of included pictures is enabled/disabled by the user.  Turned 
off because I do not need to see what is in spam.  Also worms were using 
a bug in the way that Microsoft determined how to display the content to 
invoke them.


> I agree, a little color, italics and bold can greatly enhance a message. RTF
> (rich-text) was great for that, and not a security risk like html has been. I
> wonder why that was never included in email's abilities. That's another of the
> various reasons I like the forums Roger has at CoCo3.com... you can do those
> things, and safely.

RTF is/was a proprietary format and I am not sure that it ever has been 
publicly documented, just reverse engineered.

E-mail originally allowed such escape sequences to be sent for boding 
and such, and that was before the ANSI standardization of terminals. 
Exploits were done where if you could guess the recipients terminal 
type, you could take control of it, or do minor pranks.

So e-mail was restricted to 7 bit printable ASCII to stop those exploits.

Who ever decided to set up e-mail clients to be able to render advanced 
content was totally ignorant of why the restriction was put in, or they 
would have limited the display capability.  I do not think it was 
Microsoft that made that original mistake.


One of the other basic problems with anything other than plain text is 
that it is hard for the sender do know what the receiver can handle in 
advance.

The sending of alternative formats does not solve all the problems, 
because it makes it even worse for people who have low bandwidth or low 
storage quotas.


HTML and other formats on a web page do not put an additional burden on 
the browser as the browser can decide what it wants to download, and the 
browser can tell the server what it's capabilities are and how it 
prefers to do things.

E-mail is open loop.  Unless the sender has received some previous 
communications, they do not know what is acceptable to the recipient.


If your display has 16 Million colors, and mine only has 256, if you 
select a color that I do not have, the substitutions may be bad.  If you 
set a font that I do not have there is the same problem.  If you specify 
a font size, it may not be one that I can display.

A display that looks good on your 15" monitor at 800 * 600 resolution, 
may be totally unreadable on my 19" monitor that is set to 1280 * 1024 
resolution.

What people do not realize in when formatting web pages or other content 
for remote interpretation is that the formatting needs to be considered 
a suggestion, and their document must not depend on the hints being 
taken to display correctly.

And unfortunately much of the authoring/composing software available 
does not generate the tags as if they were optional, nor do they allow 
the person to see how their composition will show up under various 
renditions.

-John
wb8tyw(at)qsl.net
Personal Opinion Only

More information about the Coco mailing list