From: Yanni <jon@aggroup.com>
Date: Wed, 21 Feb 1996 13:37:28 +0800
To: "Mark M." <cypherpunks@toad.com
Subject: Re: JavaScript to grab email
Message-ID: <9602201325.AA28317@jon>
MIME-Version: 1.0
Content-Type: text/plain


> I visited the page using a fake e-mail address, and have yet to be sent
> a confirmation e-mail.

When it sends the mail, netscape puts your email address that you put
into the message in the From: field. This is what that JavaScript is
doing. It is not reading any of your files or doing anything "illegal",
it is just taking advantage of the way that Netscape sends email. ;)

Obviously, either putting nothing or a bogus email address will cause
you to not get a confirmation e-mail.

It is one of those "why didn't I think of it" things. ;) Simple
yet effective. :)

-jon

Jon S. Stevens         yanni@clearink.com
ClearInk WebMagus      http://www.clearink.com/
finger pgp@sparc.clearink.com for pgp pub key
My apologies for the loss of bandwidth. :-)