a DoS vulnerability associated with conflated Message-IDs?

Tom Prince tom.prince at ualberta.net
Sat Mar 10 09:38:44 PST 2012


On Thu, 8 Mar 2012 10:38:32 -0700, Jeremy Nickurak <not-much at trk.nickurak.ca> wrote:
> On Thu, Mar 8, 2012 at 10:16, Daniel Kahn Gillmor <dkg at fifthhorseman.net> wrote:
> > Any other suggestions or ideas?
> 
> What about representing the contents from both message in one apparent message?
> - ...
> - If the bodies disagree, display both.

We'd probably need to do some like doing a diff. I find it annoying
enough displaying both text and html copies of a mail. Displaying two
copies of a message, just because one of them has a few extra lines as a
footer would be equally annoying.

Maybe it would be enough to ignore the signature too, when comparing messages?


More information about the notmuch mailing list