----Steps to reproduce the issue------
1. Create an announcement group in the Google Apps (My university is using the education edition).
Let the group name be testgroup and the group email id - email@example.com
2. Add some email ids to the group.
3. Add a email id as the owner of the group say email id - firstname.lastname@example.org.
4. Use a "fake mailer service". In the "send from" field :- email@example.com; "send-to" field:- firstname.lastname@example.org.
5. The mail will be sent to all the group members of testgroup.
6. The email will also appear in the Sent Items of the email id - email@example.com
PS: I have not tested it with a "normal" PHP(or other) mail script, but with a fake mailer service available online.
This should be fixed at the earliest and just email based validation for the group owner (or others that have permissions to post/mail)
for checking the permission should not be the ONLY (as others validation fail in this context) validation.
I would be happy to be contacted if some more information is required. And also to be notified when this is fixed.
By- Narendra Sisodiya
Post a Comment