Comment 6 for bug 391780

also
 * disable linking (or perhaps all markup?) by untrusted users?
 * insert <a rel=nofollow> - but do we really care? the vast majority of content is trustworthy and has useful links, and we have mechanisms for getting rid of spam
 * possibly, css to make things inside

One open question is about how to handle newlines:
 * original markdown ignores single newlines unless they're preceded by two trailing space characters - exactly the sort of significant trailing whitespace that is a pain in the butt in moin
 * github, stackexchange, perhaps others, treat newlines as hard line breaks; this can be accomplished with http://www.freewisdom.org/projects/python-markdown/nl2br

the former is arguably better for incoming email, but even there if it's correctly typed as format flowed we have a chance to detect which newlines are really soft vs hard.