----Steps to reproduce the issue------1. Create an announcement group in the Google Apps (My university is using the education edition).
Let the group name be testgroup and the group email id - test.group@sample.edu
2. Add some email ids to the group.
3. Add a email id as the owner of the group say email id - group.owner@sapmle.edu.
4. Use a "fake mailer service". In the "send from" field :- group.owner@sample.edu; "send-to" field:- test.group@sample.edu.
5. The mail will be sent to all the group members of testgroup.
6. The email will also appear in the Sent Items of the email id - group.owner@sample.edu
PS: I have not tested it with a "normal" PHP(or other) mail script, but with a fake mailer service available online.
This should be fixed at the earliest and just email based validation for the group owner (or others that have permissions to post/mail)
for checking the permission should not be the ONLY (as others validation fail in this context) validation.
I would be happy to be contacted if some more information is required. And also to be notified when this is fixed.
/-----------------------------------------/
Mayank Gupta.
By- Narendra Sisodiya
No comments:
Post a Comment