Add Attachment in PM.

[Fizzy]

Well here's a scenario for you.

A member joins, cannot see email addresses of the majority of members because they are hidden (very wise) so he sets about spamming with ads for V1@gr@ using IM's.
Many members have IM email notifications switched 'On' so the IM's get sent out as spam emails.
Spamcop etc gets various complaints of spam emails coming from YOUR DOMAIN (that's the IM notification return email reply address, right? )

The next thing you know is your domain or worse still, your server, is getting blacklisted for Spam. Disclaimers don't seem to help, especially when it comes to the likes of AOL. To my mind, if members want to bounce attachments around then let them do it by email, under their own name. If it goes through my forum using IM then the buck stops with me, not them.

[Ben_S]

verry good point, and you should also be able to set permissions to who can send attachements in pm's.

You seem to forget one thing, theres too many thick forum admins out there that would allow members to sent attachments via the PM system, all it takes is someone to start attaching "highly illegal" images and the person who gets into hot water is the forum admin.

If you really need this, for whatever reason, make it a mod at least that way you understand the consequences and if you end up in the police station, it's your own fault and you cannot blame the SMF team for providing a stupid feature that allows all maner of people to store potentially illegal images on your server.

[Oldiesmann]

Good points. Even more reasons why it should be a mod and not a regular feature.

[Alisha]

Since this is a international site, I will only mention what I know about US law...  If a member of a forum would post or send something illegal, warez, porn, or other types of information the Site owner can not be help liable if he/she had no knowledge or intent for such use of the site.  I know this information from reading and a phone call to my attorney yesterday.  US Courts have determined that a site owner can only be help liable if he/she knew it was being done and did not remove the content.   Now, these rulings were made based on copyrighted warez trades.  Not, child porn or other illegal content.  Although , they should still apply.  Now, my thinking here as a MOD or a feature, put the attachments as part of the attachment manager.  IF an admin would think there is something up, then POOF he/she can check on things.   While everyone knows  that Emails are not considered by any means private by any means, why would anyone expect PM's to be private?  I would expect that if someone tried to use your forum, you would be able to catch them, report it, and have the proof you need that you had nothing to do with it.   It would be a simple resolution to just handle the attachments with the attachment manger, access if needed.   I would not think its very stupid to allow people to send / receive files just because some people could use it for illegal purposes. 

This is why the US Courts stated that P2P torrent trackers are perfectly legal, even though 90% of used for illegal pourpose.  I think I am one of the only legal trackers up and around.  Those were designed and created for illegal use.  Yet, they are deemed legal because they can server a a legal and beneficial use.   Admins are not going to jail in the US because their site was misused, they are going because they misuse the sites. Then of course its not SMF's fault if their software was used for an illlegal purpose, webmaster knowing or not.   Look at how many Kids are solicited a day on AOL, enough that there is a Federal FBI Task Force, and Agents are now permanently assigned to AOL. Should AOL drop Instant Messanger?  You can send Attachments or Files Via AIM now.   Yes, I am sure there are 1000's of illegal items going through AIM as I type this, but they are not going to arrest the board of directors of AOL for those actions. 

I would love this as a feature, because I think it would be best served fully intragrated into the software with full control.

[ryanbsoftware]

verry good point, and you should also be able to set permissions to who can send attachements in pm's.

You seem to forget one thing, theres too many thick forum admins out there that would allow members to sent attachments via the PM system, all it takes is someone to start attaching "highly illegal" images and the person who gets into hot water is the forum admin.

If you really need this, for whatever reason, make it a mod at least that way you understand the consequences and if you end up in the police station, it's your own fault and you cannot blame the SMF team for providing a stupid feature that allows all maner of people to store potentially illegal images on your server.

the admin of a forums isn't responsible for what others send, thats like saying the USPS should be held accountable for the anthrax sent though mail.

[Ben_S]

Legally, it's questionable. From your hosts AUP, you are to blame, they do not care if it was one of your users who put it there.

If you need it that much write a mod, it can't be that hard  for you since you profess to be a programmer.

[[Unknown]]

Once you do nothing to stop it, you're liable too.  It's like web hosts.  Even if you weren't the one putting up the child pornography site, if you could have stopped it and didn't do anything, you're guilty.

-[Unknown]

[Alisha]

Once you do nothing to stop it, you're liable too. It's like web hosts. Even if you weren't the one putting up the child pornography site, if you could have stopped it and didn't do anything, you're guilty.

-[Unknown]

Very true. but if its a Private message, and the Admin / Mods have no idea it would be there or going on, there is no way to stop it.  There is no way for you to know if your users here where swapping serials for programs in PM's.  So this would eliminate our liability the same as it would eliminate Lewis Media if I was trading serials in PM on here.

Now, on a moral aspect, I would again like to see the Attachments handled in the manager also.  So, if there is a high percentage of a .jpg files, an admin could look in on it.  I think this is a very good Mod/feature that SMF could add.  I know I would really like to see it.  On our site, our members would mostly exchange WIN images.  Also, maybe have an option of setting a max byte for the file and a Max Number of files per PM. 

Thinking about those that have been on here helping me with some of my site, having to paste in a FILE where I could just send index.template.php instead.  There is a great deal of use for this feature esp on a support forum.  Holding back on something like this isn't fair to the project.  Maybe we need to stop driving to work, because someone used a car to commit a robbery.

[[Unknown]]

But, you see, it could be argued that the content of pms should be monitored by moderators.  Furthermore, the database is viewable, and as such it would be possible to see what's attached.  So you could have done something, especially if it's a repeated offense...

Another point is moderating those attachments, but in the way of simply pruning old ones.  I might, for example, want to save server space by deleting some no longer needed avatars.  It would surely be argued, the second this feature was added, that the attachment manager should show the PM attachments so you can delete them, etc....

And... it's really easy to attach a passworded zip file to a post in the test board...

-[Unknown]

[Alisha]

And... it's really easy to attach a passworded zip file to a post in the test board..

and Zip password "recovery" tools are more common than zip files.

[scottb]

Well couldn't one just browse the attachments using the attachment manager? I mean if you see one that is against the rules just remove it.

[Fizzy]

But then doesn't that totally rule out any claims of privacy?

My members' messages are private. I make a point of explaining that to new members.
I do not have the right, the time or the inclination to go poking around or moderating in to peoples private correspondence and I could even argue the legality of it.
Here in the UK we are governed by the Data Protection Act, designed to protect a persons privacy. I fail to see why a persons privacy should be violated just because members want to use the forum as an extension to their email.

Private Message - Instant Message

not

Private Attachment - Instant Attachment

[Oldiesmann]

I've been saying that all along. If you don't monitor attachments, people could send all kinds of junk via PM, and if you do monitor attachments, some users might get upset and say that you're violating their privacy.

[dschwab9]

Imagine someone registering, and spamming half your members with pornography.  I know people who would stop going to your forum if that happened.

This keeps coming up, but thats a problem that already exists since img tags are allowed in PM's.  Someone could just as easily put an image on their own server and put it in a PM and spam all your members.

[dschwab9]

Legally, it's questionable. From your hosts AUP, you are to blame, they do not care if it was one of your users who put it there.

You're host doesn't make the laws.  They can kick you off their server, but that's all the power they have.

[Alisha]

Legally, it's questionable. From your hosts AUP, you are to blame, they do not care if it was one of your users who put it there.

You're host doesn't make the laws. They can kick you off their server, but that's all the power they have.

I would also consider a new hosting service if that was to happen.  Your host knows as well as anyone that something like that is possible without your control or knowledge.  If you host is that ignorant, I would look into a new service ASAP.

[Fizzy]

Someone could just as easily put an image on their own server and put it in a PM and spam all your members.

The key words there are "their own server" = their own liability, not mine. There's a word of difference between a link and a hosted image.

If you host is that ignorant, I would look into a new service ASAP.

I don't fancy the idea of having to dump a perfectly good server host just so members could send something that could just as easily be sent by email and with zero risk to my site and the thousands of my members who wouldn't even be interested in a facility like this. We have Coppermine, that gets moderated. They have email, they have image hosting sites etc etc. Why I should carry the risk and the cost is quite beyond me 

Gladly it looks like this will not be a feature, but if it were I would make a point of tracking down the code and ripping it out.

[Amacythe]

Fizzy, if it were to become a feature, I would hope that after you rip that code out you post which code it is so others of us can also quickly rip it out.

[ryanbsoftware]

Legally, it's questionable. From your hosts AUP, you are to blame, they do not care if it was one of your users who put it there.

If you need it that much write a mod, it can't be that hard  for you since you profess to be a programmer.

umm yeah vb.net NOT php.

it should be a featyure you can turn on and off, defualtly it would be off, and if you slected on defult permisssions would only allow admins to send attachments in a pm, or make a mod.

[dschwab9]

Fizzy, if it were to become a feature, I would hope that after you rip that code out you post which code it is so others of us can also quickly rip it out.

I would hope that instead of being ignorant enough to "rip out" a feature people do not like, they would simply go into the admin center and turn it off.