On Fri, Apr 17, 2020 at 02:24:22PM -0400, Remco Rijnders wrote:
> The Message-ID that mutt generates is supposed to be unique. Up till now
> mutt would generate this ID based on the current date and time, followed by
> ".G", followed by a letter A to Z (A for the 1st and 27th email sent, Z for
> the 26th, etc.), followed by the pid of the active mutt process, followed
> by "@" and the configured hostname.

This is utterly pointless.  This may come off as harsh but please
understand that's not intended.  I just want to be completely clear
here so there is no misunderstanding or equivocation.

None of the information you just listed is sensitive, and almost all
of it is already REQUIRED to be present in the message:

 - The date and time will be in at least one, probably multiple
   headers, guaranteed; and quite possibly the message body, depending
   on the user's habits.  REQUIRED.
   
 - The "hostname" is usually the sender's domain, not their actual
   hostname, unless left unconfigured in Mutt.  Regardless of which
   thing it is, it's going to be all over the message headers for the
   vast majority of Mutt users.  In those cases when it won't, the
   user's IP address will be in them at least once (and might be
   anyway, depending on how the user emits mail into the SMTP ether
   and who it is talking to). REQUIRED.

 - the PID is the only thing that could possibly be vaguely useful to
   an attacker, but only if they're already able to get onto the
   user's system, in which case finding out the PID will be trivial
   anyway. POINTLESS.

 - From the sequential letter portion, you can only determine the
   modulo 26 of the number of messages sent, not the number of
   messages.  That's not useful information for anything, and I doubt
   the actual number of messages sent in a given mutt session reveals
   anything useful either, even if it were available--you still have
   no idea if the session has been running for 10 minutes or 10 years.
   MEANINGLESS.
 
 - the rest is arbitrary noise. MEANINGLESS.

Besides all that, Mutt already provides a means for you to eliminate
any information leak in the message ID via $edit_headers, but again,
making use of that facility for that purpose is pointless.

I haven't reviewed the patch, but it does nothing useful, so my main
objection is that taking the time to review it, let alone apply it, is
a waste of anyone's time.

And yes, we've had this conversation before.  In 2001:

  https://marc.info/?l=mutt-dev&m=100428813825414&w=2


-- 
Derek D. Martin    http://www.pizzashack.org/   GPG Key ID: 0xDFBEAD02
-=-=-=-=-
This message is posted from an invalid address.  Replying to it will result in
undeliverable mail due to spam prevention.  Sorry for the inconvenience.
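
The field-by-field argument in the message above can be checked mechanically. The following is an added example, not part of the original message and not Mutt's code: it parses a Message-ID in the layout described in the quoted text and reports which fields also appear in other headers. The exact digit layout (YYYYMMDDHHMMSS), the UTC timestamp, the function names and the sample message are assumptions made for illustration.

```python
import re
from datetime import datetime, timezone
from email import message_from_string
from email.utils import parseaddr, parsedate_to_datetime

# Assumed layout: <YYYYMMDDHHMMSS.G{letter}{pid}@{host}>, timestamp in UTC.
LEGACY_ID = re.compile(r"^<(\d{14})\.G([A-Z])(\d+)@([^>\s]+)>$")

# Constructed sample message (not taken from the thread).
SAMPLE = """\
From: Alice Example <alice@example.org>
To: list@example.net
Date: Fri, 17 Apr 2020 18:24:22 +0000
Message-ID: <20200417182422.GC4242@example.org>
Subject: constructed sample

body
"""

def parse_legacy_msgid(msgid):
    """Split a legacy-style Message-ID into its fields, or return None."""
    m = LEGACY_ID.match(msgid.strip())
    if m is None:
        return None
    stamp, letter, pid, host = m.groups()
    try:
        when = datetime.strptime(stamp, "%Y%m%d%H%M%S").replace(tzinfo=timezone.utc)
    except ValueError:  # 14 digits that are not a real date
        return None
    # A = 1st, 27th, ... message; Z = 26th, so the letter is the count mod 26.
    return {"time": when, "count_mod_26": (ord(letter) - 64) % 26,
            "pid": int(pid), "host": host}

def compare_with_headers(raw):
    """Report which Message-ID fields also appear in other headers."""
    msg = message_from_string(raw)
    fields = parse_legacy_msgid(msg.get("Message-ID", ""))
    if fields is None:
        return None
    sent = parsedate_to_datetime(msg["Date"])
    domain = parseaddr(msg["From"])[1].rpartition("@")[2]
    return {
        "time_also_in_date": abs((fields["time"] - sent).total_seconds()) < 60,
        "host_also_in_from": fields["host"].lower() == domain.lower(),
        "only_in_msgid": {"pid": fields["pid"], "count_mod_26": fields["count_mod_26"]},
    }

if __name__ == "__main__":
    print(compare_with_headers(SAMPLE))
```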
