From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <james@jamesvasile.com>
Received: from localhost (localhost [127.0.0.1])
	by olra.theworths.org (Postfix) with ESMTP id 4ABBD431FB6
	for <notmuch@notmuchmail.org>; Thu,  8 Mar 2012 09:04:45 -0800 (PST)
X-Virus-Scanned: Debian amavisd-new at olra.theworths.org
X-Spam-Flag: NO
X-Spam-Score: 0.373
X-Spam-Level: 
X-Spam-Status: No, score=0.373 tagged_above=-999 required=5
	tests=[RDNS_DYNAMIC=0.363, T_MIME_NO_TEXT=0.01] autolearn=disabled
Received: from olra.theworths.org ([127.0.0.1])
	by localhost (olra.theworths.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id h7cmPY-FsWXn for <notmuch@notmuchmail.org>;
	Thu,  8 Mar 2012 09:04:44 -0800 (PST)
Received: from hackervisions.org (67-207-143-141.slicehost.net
	[67.207.143.141]) (using TLSv1 with cipher AES256-SHA (256/256 bits))
	(No client certificate requested)
	by olra.theworths.org (Postfix) with ESMTPS id D24B9431FAE
	for <notmuch@notmuchmail.org>; Thu,  8 Mar 2012 09:04:44 -0800 (PST)
Received: from 095-097-039-212.static.chello.nl ([95.97.39.212] helo=localhost)
	by hackervisions.org with esmtpsa (TLS1.0:DHE_RSA_AES_128_CBC_SHA1:16)
	(Exim 4.72) (envelope-from <james@jamesvasile.com>)
	id 1S5glg-0004n7-9t
	for notmuch@notmuchmail.org; Thu, 08 Mar 2012 12:04:44 -0500
From: James Vasile <james@hackervisions.org>
To: notmuch mailing list <notmuch@notmuchmail.org>
Subject: Re: a DoS vulnerability associated with conflated Message-IDs?
In-Reply-To: <87k42vrqve.fsf@pip.fifthhorseman.net>
References: <87k42vrqve.fsf@pip.fifthhorseman.net>
User-Agent: Notmuch/0.11.1+206~gf3628de (http://notmuchmail.org) Emacs/23.3.1
	(i486-pc-linux-gnu)
Date: Thu, 08 Mar 2012 12:04:36 -0500
Message-ID: <87ipif2fdn.fsf@wyzanski.jamesvasile.com>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-=";
	micalg=pgp-sha1; protocol="application/pgp-signature"
X-BeenThere: notmuch@notmuchmail.org
X-Mailman-Version: 2.1.13
Precedence: list
List-Id: "Use and development of the notmuch mail system."
	<notmuch.notmuchmail.org>
List-Unsubscribe: <http://notmuchmail.org/mailman/options/notmuch>,
	<mailto:notmuch-request@notmuchmail.org?subject=unsubscribe>
List-Archive: <http://notmuchmail.org/pipermail/notmuch>
List-Post: <mailto:notmuch@notmuchmail.org>
List-Help: <mailto:notmuch-request@notmuchmail.org?subject=help>
List-Subscribe: <http://notmuchmail.org/mailman/listinfo/notmuch>,
	<mailto:notmuch-request@notmuchmail.org?subject=subscribe>
X-List-Received-Date: Thu, 08 Mar 2012 17:04:45 -0000

--=-=-=

On Thu, 08 Mar 2012 11:37:09 -0500, Daniel Kahn Gillmor <dkg@fifthhorseman.net> wrote:
> Any ideas on how to approach this?

Treat messages with the same ID but different hashes as different?

--=-=-=
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQEcBAEBAgAGBQJPWOakAAoJECaDklOuuidYL+gH/0pQ8aLH65Fjle01nfgqfehx
c29lvq76jbdxLIcrqR1vpp0U7PfE3zBofVI+aAL2r9oe/HcMcpyAKMJboFgyu6Ok
pqZfnbizCaPWiF1TfTvkfSjLueGx0dRqUZ5DVar0lDa1+W/n7df/yQFeMjAibdXQ
H7H+1kJHVc4uE2SWGCXKtCd6moH2xn6t/Gc7sJ/ZexSUylqLc3RXoyu/cfQ109Ag
z7RGM5PbSyA3cmzCP8lsWqekm//er/5MdhGMOmKA8QB7IGoWQzejQwPq7R2tPavV
yLVCjXWeZ3XuD7UZciDCbmxXtWguXEUe9x2mU5EUOWlcTXJzKhr0o+1AMP1+99M=
=ASCf
-----END PGP SIGNATURE-----
--=-=-=--