On 5 Apr 2013, at 13:57, Benny Kjær Nielsen wrote:

The Content-ID is (should be) unique and therefore you cannot reference anything you don't already know.

Content-ID suffers from collision risks akin to those seen in Message-ID. The most important gap is that agents creating IDs have a history of using domain-parts that are also used by a potentially very large and unknowable universe of other agents. Some mailer might think 'sequencenumber@localhost.localdomain' is perfectly fine, but it isn't going to be: there are a bazillion mismanaged Linux machines that believe themselves to be localhost.localdomain. A UUID in the local-part is the right way to go, but that's a rare practice.

I could, of course, offer an option for forbidding cross-message cid: references.

That would be prudent. This seems to me to be a (minor) security issue. I haven't thought up a detailed attack model, but it might be useful in some forms of "spearphishing" and in filter evasion.

In principle, each message should be considered in isolation when rendering it: references to data external to a message shouldn't be resolved automatically, whatever the URL scheme. Messages these days routinely run a gauntlet of filters to get delivered, which in some cases (e.g. SpamAssassin) include meta-rules that put significant scoring weights on combinations of individually trivially-weighted rules. A feature that enables a sender to pull together elements from multiple messages (perhaps delivered over an extended time or even to multiple accounts) into a single message rendering is a bad idea.


(I am also uneasy about the whole concept of rendering markup in text/plain parts on principle, but I expect that's an unwinnable argument)

I would certainly have preferred that the markup for inline images was more “natural” like the rest of the Markdown markup. I chose Markdown because it generally looks just like plain text (and because it is already based on email syntax).

I'm not against Markdown as a tool to generate HTML for those who want to engage in such behaviors, but I'd very much like a way to switch off interpretation of Markdown in message windows. For myself, I'll shortly be adding a header_checks rule to my personal Postfix config to knock markup=markdown out of Content-Type headers on all mail. It's a misfeature in concept, not merely in implementation.
_______________________________________________
mailmate mailing list
mailmate@lists.freron.com
http://lists.freron.com/listinfo/mailmate
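
The per-message isolation argued for above, as an added example that is not part of the original message or of MailMate: it lists cid: references that do not resolve to a Content-ID inside the same message, and Content-IDs whose domain-part is shared by many hosts. The function name `audit_cids`, the `SHARED_DOMAINS` list, and the sample message are assumptions constructed for illustration.

```python
import re
from email import message_from_string, policy
from urllib.parse import unquote

# Constructed sample: one inline image part, and a body that references both
# that part and a Content-ID that does not exist in this message.
SAMPLE = """\
From: sender@example.org
To: rcpt@example.org
Subject: constructed sample
MIME-Version: 1.0
Content-Type: multipart/related; boundary="b1"

--b1
Content-Type: text/plain; charset=utf-8; markup=markdown

![logo](cid:1@localhost.localdomain) ![other](cid:seen-elsewhere@example.net)
--b1
Content-Type: image/png
Content-ID: <1@localhost.localdomain>
Content-Transfer-Encoding: base64

iVBORw0KGgo=
--b1--
"""

CID_REF = re.compile(r"cid:([^\s\"'<>)]+)", re.IGNORECASE)
# Assumed list of domain-parts that many unrelated hosts believe are their own.
SHARED_DOMAINS = {"localhost", "localhost.localdomain"}


def audit_cids(raw):
    """Return cid: references with no matching part, and collision-prone IDs."""
    msg = message_from_string(raw, policy=policy.default)
    local_ids, refs = set(), set()
    for part in msg.walk():
        cid = part.get("Content-ID")
        if cid:
            local_ids.add(str(cid).strip().strip("<>"))
        if part.get_content_maintype() == "text":
            # cid: URLs may percent-encode the Content-ID, so decode first.
            refs.update(unquote(r) for r in CID_REF.findall(part.get_content()))
    return {
        # Only resolvable from outside this message: should not be rendered.
        "unresolved": sorted(refs - local_ids),
        "weak_ids": sorted(i for i in local_ids
                           if i.rpartition("@")[2].lower() in SHARED_DOMAINS),
    }


if __name__ == "__main__":
    print(audit_cids(SAMPLE))
```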