Re: No apologies if you receive this multiple times (was CFP: IEEE IC3N'2000)

> More interesting then your denial-of-service attack on yourself is the
> problem of a mailing list that both you and I are on: 
> - you receive a message, and decide to prevent me receiving it
> - you immediately send me a message with the same message-id
> 
> If the mailing list exploder decided to deliver to me later than you
> (especially if it's a large mailing list) you have a good chance of
> denying me receiving a message.

yes, that's my point.   I can just send you a copy of an advertisement
for toner cartridges with the same message-id as the message I don't
want you to see.

> It's hard to come up with a simple scheme to prevent this, since most
> of the obvious things to hash can easily be duplicated, 

not sure what you mean here - my idea is for the recipient's 
user agent (or in your case, message store) to index 
messages received by message-id, but have the potential to 
store duplicates.

so when a message gets received, the message-id is extracted,
and a secure hash is made of the message (minus its received
fields and anything else that seems extraneous).  if there
was another message with that message-id and the same hash,
the new message is ignored.  if there was another message
with the same message-id but a different hash, the new message
is treated as a separate message.

> and you generally want a message with the same message-id but a 
> different body to be repressed --- since it's probably the 
> "[to unsubscribe, blah]" message from a mailing list.

maybe, but the mail system doesn't know for sure.

Keith

Received on Tuesday, 2 May 2000 15:28:05 UTC