on 08-19-2010 2:34 AM
Hello,
I've posted this as a new thread, because although I have emailed the Idea Place email address, I still haven't received any response, and I think this is an important issue.
It seems that the notifications that are sent from Idea Place when you create an Idea and someone comments on it, are sending the private email address of the commenter to the Idea submitter: e.g. the message I received a couple of days ago as Harald posted a comment on an Idea I had submitted - email address removed to (1) get around damnable filtering of this forum (2) to protect Harald's privacy.
Chris Paine,
A new comment was created on the idea Remove filters on certain fora - Comments & Suggestions and Coffee Corner:
https://ideas.sap.com/ideas/1137#comment-1137
Author : Harald Boeing
Profile: https://ideas.sap.com/people/harald @ somedomain.somedomainsuffix
Comment:
I think I just discovered why this is still beta status - I just posted a comment which disappeared, so let me try again (I hope it doesn't show up later and then it's me who looks like the idiot)...
... (rest of text removed as irrelevant for this post) ...
Harald's email address was clearly visible in the notification - even though he has it set to not being available in his profile.
When you go the the website it gives you an alternate link to Harald's profile on Ideas Place which uses a numeric user number - not the email address. This is what should be sent in the notification.
As I mentioned, I have sent an email with this info to the address mentioned in the website FAQ and Contacts, but no response - I thought it might get more visibility here. I've even created an Idea - https://ideas.sap.com/ideas/1149 - so you cna vote on it...
Cheers,
Chris
I did see mention of a priority issue ticket relating to this a week ago, so possibly they waited (too long) to get back to you with good news.
Anyway, it is known and someone out there is working on it.
ps: If you can also post via email response (which is what some sites do) then it is worse: you change your mail address to post as others or use out-of-office notifications as DoS attack weapons.
Cheers,
Julius
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thanks Julius,
I thought I'd better raise it - as emailing out supposedly private email addresses is pretty bad - and I would imagine illegal in many countries (especially the EU where the server seems to be located...)
I'll still be waiting for an official response - so I'll not close off the thread just yet.
Cheers,
Chris
User | Count |
---|---|
1 | |
1 | |
1 | |
1 | |
1 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.