Hi grarpamp, On Tue, Apr 16, 2013 at 11:34:49PM -0400, grarpamp wrote: > mutt didn't need that header to operate well in the original folder. > In general, can't think of any reason to modify any Maildir message on disk > and view this as tainting the msgs with unecessary and un-asked-for mods.
well, they don't really hurt, but may even help mutt and other tools. > And it breaks external indexes of security/archive crypto hashes. > I'm not referring to the msg filename (maildir spec) or its location (as > instructed), just the content of the msg file itself. Well, if you are using sane crypto you are talking PGP and SMIME. Both secure a specific part of the message: the content in form of the body and it's attachments. So if you hash a whole message file on the sender side and do this again on the receiver's side you will end up with guaranteed always false results. There are headers that are supposed to be changed: e.g. the Received headers, the X-Spam-Status as well as DKIM's headers. So if you want to really want good security you always need to check two parts of the message: in case of DKIM the signed headers (where you sign specific headers on the senders side and note this together with the signature) and the content of the message. Usually your receiving MTA should already check if the DKIM signature is correct and maybe even judge to refuse a broken signature (heavily dependent on the setup). > And it also appears to be lying by preserving the msg file modification > time when it adds this header. [1] Well, I don't see any problem with that - the real message has not been changed, only some metadata that help mutt. > Why does mutt do this? A rough assumption from myself only: It does it always, with every mailbox type, and in case of mbox and similar mailbox types a correct content-length help for sure to improve the access. > What else is being surreptitiously modified during mutt operation? Well, I think you should check mutt's codepath yourself if you want to know that exactly. That's why it's called open source. Please answer me one question: what kind of crypto/archive system do you use that does not understand Maildir in it's whole and what kind of use case does it have. Kind regards, Andre -- Andre Klärner
smime.p7s
Description: S/MIME cryptographic signature
