I don't see where the risk is. Like, with HTML etc, are you worried that someone would send malicious code to your NirvanaHQ inbox? Pretty sure they all sanitize the input and nothing is actually executed or run.
Like I said, the secure thing to do is to sanitize things to ASCII text.
No links to web pages - which can be malicious.
No images - which can overflow your image renderer.
Anything that is not straight simple ASCII is vulnerable. Heck, even unicode can be vulnerable.
If the only thing that I can use "Email to my GTD app" for is ascii text, it greatly reduces the utility. The thing that I most want to send is to forward email (from Gmail, or Outlook) to my GTD system. Very little of my email is text.
I think FacileThings just uses a generic "inbox@facilethings.com" and thus someone would "just" need to spoof your email address to send stuff to your inbox. But even then, what's the end game here? Annoy the heck out of you by flooding the inbox? Well, if they want to be a pain in the butt, and they can spoof your email address, there's more pressing concerns.
Umm, there aren't very many widely used email systems in which they cannot easily spoof your email address.
Things, for example, uses a long, pseudorandom email address.
That's the first step - but if the long pseudorandom email address is static, then it is just security through obscurity.
If that long pseudorandom email address ever leaks out - e.g. you may have forwarded it somewhere like a mailing list - it is no longer secure.
The next step would be to sign (or encrypt and sign) the messages. But, of course, very few of us use encrypted email.
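The two checks discussed above (a static pseudorandom address that anyone who learns it and spoofs your From can use, versus requiring a signature the service can verify), as an added example that is not code from this thread or from any of the apps named; the header name, per-user secret and addresses are constructed for illustration:

```python
import hashlib
import hmac
from email.message import EmailMessage

SIG_HEADER = "X-Inbox-Signature"  # hypothetical header name for this example


def canonical_bytes(msg: EmailMessage) -> bytes:
    """Bind the tag to the fields the inbox acts on, so none can be altered in transit."""
    body = msg.get_body(preferencelist=("plain",))
    text = body.get_content() if body is not None else ""
    fields = [msg.get("To", ""), msg.get("From", ""), msg.get("Subject", ""), text]
    return "\n".join(f.strip() for f in fields).encode("utf-8")


def sign(msg: EmailMessage, secret: bytes) -> EmailMessage:
    """Sending side: the owner's client adds an HMAC tag using a secret shared with the service."""
    tag = hmac.new(secret, canonical_bytes(msg), hashlib.sha256).hexdigest()
    msg[SIG_HEADER] = tag
    return msg


def accept_by_address(msg: EmailMessage, inbox: str, owner: str) -> bool:
    """The address-only check: a leaked inbox address plus a spoofed From header passes."""
    return msg.get("To", "") == inbox and msg.get("From", "") == owner


def accept_by_signature(msg: EmailMessage, secret: bytes) -> bool:
    """Receiving side: require a valid tag; knowing the address and spoofing From is not enough.
    Caveat: a real scheme would also cover a timestamp or nonce to stop replay of an old message."""
    tag = msg.get(SIG_HEADER)
    if tag is None:
        return False
    expected = hmac.new(secret, canonical_bytes(msg), hashlib.sha256).hexdigest()
    return hmac.compare_digest(tag, expected)  # constant-time comparison


def make_message(frm: str, to: str, subject: str, text: str) -> EmailMessage:
    """Constructed sample message; text/plain only, so the ingest path never sees HTML or images."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = frm, to, subject
    m.set_content(text)
    return m


if __name__ == "__main__":
    secret, inbox, owner = b"constructed-per-user-secret", "k7f2q9x1m3@inbox.example", "owner@example.com"
    genuine = sign(make_message(owner, inbox, "Call the dentist", "Tomorrow 9am"), secret)
    spoofed = make_message(owner, inbox, "Buy now", "spam")  # same From and To, no tag
    print("genuine:", accept_by_address(genuine, inbox, owner), accept_by_signature(genuine, secret))
    print("spoofed:", accept_by_address(spoofed, inbox, owner), accept_by_signature(spoofed, secret))
```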