Re: a DoS vulnerability associated with conflated Message-IDs?

Subject: Re: a DoS vulnerability associated with conflated Message-IDs?

Date: Sat, 10 Mar 2012 12:38:44 -0500

To: Jeremy Nickurak, notmuch

Cc:

From: Tom Prince


On Thu, 8 Mar 2012 10:38:32 -0700, Jeremy Nickurak <not-much@trk.nickurak.ca> wrote:
> On Thu, Mar 8, 2012 at 10:16, Daniel Kahn Gillmor <dkg@fifthhorseman.net> wrote:
> > Any other suggestions or ideas?
> 
> What about representing the contents from both message in one apparent message?
> - ...
> - If the bodies disagree, display both.

We'd probably need to do some like doing a diff. I find it annoying
enough displaying both text and html copies of a mail. Displaying two
copies of a message, just because one of them has a few extra lines as a
footer would be equally annoying.

Maybe it would be enough to ignore the signature too, when comparing messages?

Thread: