Daniel Kahn Gillmor <dkg@fifthhorseman.net> writes:

> On Fri 2017-08-04 16:42:54 -0400, David Bremner wrote:
>> Peter Wang <novalazy@gmail.com> writes:
>>
>>> On Thu, 08 Mar 2012 11:37:09 -0500, Daniel Kahn Gillmor <dkg@fifthhorseman.net> wrote:
>>>> notmuch currently treats all messages with the same Message-ID as
>>>> the same message. I think this could be a vulnerability :(
>>>>
>>>> If two messages have the same Message-ID, is there a guarantee of which
>>>> of these messages will be produced during a notmuch show?
>>>>
>>>> Either way, it seems to create a potential DoS attack on notmuch users.
>>>
>>> Yesterday I was expecting a confirmation message which, seemingly, never
>>> came. It turns out my maildir already contained a message from the
>>> same system. From three years ago. With the same Message-ID.
>>>
>>> Malice has nothing on incompetence.
>>>
>>> Could we distinguish messages with identical Message-IDs based on
>>> some header fields, e.g. Date, From?
>>
>> I wouldn't say this problem is fixed, but we are making some
>> progress. In master all copies of the file are now indexed. It still
>> needs various UI work before we can consider the problem really fixed,
>> but it is now technically possible to detect such an attack (since the
>> "good terms" are also indexed).
>
> otoh, we now enable some additional (perhaps weirder) attacks, like:
>
> * i can make someone else's mail show up in your mailbox with a search
>   term of my choosing by sending you a new mail co-opting their
>   message-id.
>
> we definitely need some UI for dealing with this, and perhaps some
> explicit de-duping logic or maintenance scripts would be useful too.
>
> --dkg

There is now a simple UI for dealing with duplicate messages in the emacs UI (as of commit 1ef7c75111b84ea19af3186ddc12f2ba434c93de, which should be part of 0.37).
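As an added example (not notmuch's own code, and not part of the thread), the header check Peter Wang suggests above: group raw messages by Message-ID and report only the ids whose copies disagree on From or Date, so that ordinary identical maildir copies are ignored while colliding ids are surfaced for a maintenance script. The sample messages are constructed.

```python
import email
from collections import defaultdict

# Constructed sample messages: the first two share a Message-ID but differ
# in Date (the stale-confirmation case from the thread); the last two are
# an ordinary identical copy and must not be reported.
SAMPLE_MESSAGES = [
    b"From: alerts@example.net\r\nDate: Mon, 04 Mar 2019 10:00:00 +0000\r\n"
    b"Message-ID: <confirm-1@example.net>\r\nSubject: Confirmation\r\n\r\nOld\r\n",
    b"From: alerts@example.net\r\nDate: Thu, 03 Mar 2022 09:15:00 +0000\r\n"
    b"Message-ID: <confirm-1@example.net>\r\nSubject: Confirmation\r\n\r\nNew\r\n",
    b"From: friend@example.org\r\nDate: Tue, 01 Feb 2022 12:00:00 +0000\r\n"
    b"Message-ID: <chat-7@example.org>\r\nSubject: Hi\r\n\r\nHello\r\n",
    b"From: friend@example.org\r\nDate: Tue, 01 Feb 2022 12:00:00 +0000\r\n"
    b"Message-ID: <chat-7@example.org>\r\nSubject: Hi\r\n\r\nHello\r\n",
]


def header_fingerprint(raw):
    """Return (message-id, (from, date)) for one raw RFC 5322 message."""
    msg = email.message_from_bytes(raw)
    mid = (msg.get("Message-ID") or "").strip()
    return mid, (msg.get("From", "").strip(), msg.get("Date", "").strip())


def find_conflicting_ids(raw_messages):
    """Map each Message-ID seen with more than one (From, Date) pair to
    the sorted list of those pairs.  Identical duplicates collapse into
    one fingerprint and are therefore not reported; messages without a
    Message-ID are skipped."""
    groups = defaultdict(set)
    for raw in raw_messages:
        mid, fingerprint = header_fingerprint(raw)
        if mid:
            groups[mid].add(fingerprint)
    return {mid: sorted(fps) for mid, fps in groups.items() if len(fps) > 1}


if __name__ == "__main__":
    for mid, variants in find_conflicting_ids(SAMPLE_MESSAGES).items():
        print(f"conflicting copies for {mid}:")
        for sender, date in variants:
            print(f"  From: {sender}  Date: {date}")
```

Feeding real files to `find_conflicting_ids` (for example the paths from `notmuch search --output=files`) turns it into the kind of maintenance check dkg mentions.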