From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from localhost (localhost [127.0.0.1]) by olra.theworths.org (Postfix) with ESMTP id 5C9B8431FB6 for ; Thu, 8 Mar 2012 09:16:22 -0800 (PST) X-Virus-Scanned: Debian amavisd-new at olra.theworths.org X-Spam-Flag: NO X-Spam-Score: 0 X-Spam-Level: X-Spam-Status: No, score=0 tagged_above=-999 required=5 tests=[none] autolearn=disabled Received: from olra.theworths.org ([127.0.0.1]) by localhost (olra.theworths.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id l68mOR6wLNd6 for ; Thu, 8 Mar 2012 09:16:21 -0800 (PST) Received: from che.mayfirst.org (che.mayfirst.org [209.234.253.108]) by olra.theworths.org (Postfix) with ESMTP id CAD03431FAE for ; Thu, 8 Mar 2012 09:16:21 -0800 (PST) Received: from [192.168.13.75] (lair.fifthhorseman.net [108.58.6.98]) by che.mayfirst.org (Postfix) with ESMTPSA id F005BF970; Thu, 8 Mar 2012 12:16:17 -0500 (EST) Message-ID: <4F58E962.1050403@fifthhorseman.net> Date: Thu, 08 Mar 2012 12:16:18 -0500 From: Daniel Kahn Gillmor User-Agent: Mozilla/5.0 (X11; Linux i686; rv:9.0) Gecko/20120125 Icedove/9.0.1 MIME-Version: 1.0 To: James Vasile Subject: Re: a DoS vulnerability associated with conflated Message-IDs? References: <87k42vrqve.fsf@pip.fifthhorseman.net> <87ipif2fdn.fsf@wyzanski.jamesvasile.com> In-Reply-To: <87ipif2fdn.fsf@wyzanski.jamesvasile.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Cc: notmuch mailing list X-BeenThere: notmuch@notmuchmail.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: notmuch List-Id: "Use and development of the notmuch mail system." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 08 Mar 2012 17:16:22 -0000 On 03/08/2012 12:04 PM, James Vasile wrote: > On Thu, 08 Mar 2012 11:37:09 -0500, Daniel Kahn Gillmor wrote: >> Any ideas on how to approach this? > > Treat messages with the same ID but different hashes as different? Given that a message hash would include all headers, including Received: and other MTA-added stuff, i think that would remove all relevance of the Message-ID field. in particular, it seems like we would just be identifying messages by their digest. If you're willing to ignore the headers and just look at a digest of the body, that still doesn't provide any help for the common (legitimate) case of a message jointly-delivered to a mailing list and to a specific (already-subscribed) user. That user will get two copies of the message, and since most mailing lists modify the body of the message (usually by adding a footer section with mailing list info) their bodies will also have different digests. So i don't see how to make this suggestion work without giving up on Message-IDs as the identifier entirely (and therefore accepting many more spurious duplicates than users currently need to tolerate). Any other suggestions or ideas? --dkg