From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from localhost (localhost [127.0.0.1]) by olra.theworths.org (Postfix) with ESMTP id 7F580431FAF for ; Thu, 19 Jan 2012 19:26:07 -0800 (PST) X-Virus-Scanned: Debian amavisd-new at olra.theworths.org X-Spam-Flag: NO X-Spam-Score: -0.799 X-Spam-Level: X-Spam-Status: No, score=-0.799 tagged_above=-999 required=5 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7] autolearn=disabled Received: from olra.theworths.org ([127.0.0.1]) by localhost (olra.theworths.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rGpML9AXnjBD for ; Thu, 19 Jan 2012 19:26:07 -0800 (PST) Received: from mail-qw0-f46.google.com (mail-qw0-f46.google.com [209.85.216.46]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by olra.theworths.org (Postfix) with ESMTPS id 009FF431FAE for ; Thu, 19 Jan 2012 19:26:06 -0800 (PST) Received: by qadc10 with SMTP id c10so151809qad.5 for ; Thu, 19 Jan 2012 19:26:05 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=from:to:cc:subject:in-reply-to:references:user-agent:date :message-id:mime-version:content-type:content-transfer-encoding; bh=k83eLvp1b9blcJOVO0Ip778Si6nLEl/twSHaIaZtfu8=; b=beN62QqV5q770xiLZsrM8eTm0jGmMULoA/7TEq76m8QrrcdDKbI8X9T5ZFkipizXAq vWGX9AbBbvVbnfpZ04Xk2yMLPOWuVqv86mlX4h/wIPwhnB75mYcnRXDOf95HwZ7++ISg mS2LSd5UQkcrB6um4a8HBj4rANChJZdR2Ru2E= Received: by 10.224.18.201 with SMTP id x9mr10349920qaa.61.1327029965475; Thu, 19 Jan 2012 19:26:05 -0800 (PST) Received: from localhost (c-68-80-94-73.hsd1.pa.comcast.net. [68.80.94.73]) by mx.google.com with ESMTPS id o8sm3761452qaj.0.2012.01.19.19.26.04 (version=TLSv1/SSLv3 cipher=OTHER); Thu, 19 Jan 2012 19:26:04 -0800 (PST) From: Aaron Ecay To: Pieter Praet , Austin Clements Subject: Re: [PATCH] emacs: Quote MML tags in replies In-Reply-To: <87obtzuvmj.fsf@praet.org> References: <1326998589-37187-1-git-send-email-aaronecay@gmail.com> <20120119224842.GS16740@mit.edu> <87obtzuvmj.fsf@praet.org> User-Agent: Notmuch/0.11+73~gd51b784 (http://notmuchmail.org) Emacs/24.0.92.2 (i386-apple-darwin10.8.0) Date: Thu, 19 Jan 2012 22:26:02 -0500 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Cc: notmuch@notmuchmail.org X-BeenThere: notmuch@notmuchmail.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: "Use and development of the notmuch mail system." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 20 Jan 2012 03:26:07 -0000 On Fri, 20 Jan 2012 00:21:08 +0100, Pieter Praet wrote: > So, would I be right to assume MML tags in signatures are never > evaluated to begin with? Otherwise, there would still be a security > hole, no? I am thinking of MML tags that a user puts in their own signature. If that case is a security hole, then the hole is in the user=E2=80=99s bra= in and not in notmuch. :) --=20 Aaron Ecay