Am 25.06.2013 16:02, schrieb Timo Sirainen: > On 25.6.2013, at 16.52, Reindl Harald <h.rei...@thelounge.net> wrote: > >> Am 25.06.2013 15:28, schrieb Timo Sirainen: >>> Also there are several potential problems.. Like if there are duplicate >>> Message-ID: headers, >>> but the body is different, should that be a duplicate? >> >> the answer is simply *yes* because there must not be the same >> Message-ID's for different messages because the words "single >> unique message identifier" are pretty clear > > I'm more concerned about intentional abuse. For example if you're dropping > duplicate > messages by Message-ID, I could first send this reply to you privately, and > then another > message with same Message-ID: but different content to the mailing list, and > you'd never > know it without looking into the archives from web.
this is very much theory und unlikely as well as only for this specific example possible where you send both messages this way nobody is able to guess a message-ID of a regular message and replace it and veen if he knows he needs to be faster with hiss fake as the origin message - very very unlikely > Also I wouldn't be surprised if there still were some crappy webforms that > always sent the same Message-Id.. well if we take care of such crap we can stop read any RFC and would need to disable any spamfilters which especially for score based filters rely on common standards hence, these days on barracuda spamfirewall you get even a FULL score point if you send a HTML-message and subject/html-title differs
signature.asc
Description: OpenPGP digital signature
