a DoS vulnerability associated with conflated Message-IDs?

Daniel Kahn Gillmor dkg at fifthhorseman.net
Thu Mar 8 09:16:18 PST 2012


On 03/08/2012 12:04 PM, James Vasile wrote:
> On Thu, 08 Mar 2012 11:37:09 -0500, Daniel Kahn Gillmor<dkg at fifthhorseman.net>  wrote:
>> Any ideas on how to approach this?
>
> Treat messages with the same ID but different hashes as different?

Given that a message hash would include all headers, including Received: 
and other MTA-added stuff, i think that would remove all relevance of 
the Message-ID field. in particular, it seems like we would just be 
identifying messages by their digest.

If you're willing to ignore the headers and just look at a digest of the 
body, that still doesn't provide any help for the common (legitimate) 
case of a message jointly-delivered to a mailing list and to a specific 
(already-subscribed) user.

That user will get two copies of the message, and since most mailing 
lists modify the body of the message (usually by adding a footer section 
with mailing list info) their bodies will also have different digests.

So i don't see how to make this suggestion work without giving up on 
Message-IDs as the identifier entirely (and therefore accepting many 
more spurious duplicates than users currently need to tolerate).

Any other suggestions or ideas?

	--dkg


More information about the notmuch mailing list