Posts received by email should default to ‘draft’ status rather than ‘publish.’ Easy enough to change, but this should not be a default setting. No security whatsoever! Plus, a lot of us have automatic attachments on our emails–signatures, ads, spam and antivirus ads/stats, etc.
Building some security and filtering into this feature would be nice, along with a way to match multiple originating email addresses with registered authors.
