On Wed, Aug 28, 2002 at 02:36:30PM -0400, Peter Williams wrote:
On Wed, 2002-08-28 at 14:14, Mertens Bram wrote:On Wed, 2002-08-28 at 20:06, Antonio Bemfica wrote:This is trivial to do using procmail (by checking the Message-ID header). You can get a bit more sophisticated and do an MD5 hash of the body of incoming messages and store it on a database (dbtool, for example: http://www.daemon.de/dbtool/). If you or anyone else is interested I can post a recipe that does the above.Well I certainly am interested! I don't know anything about procmail though, would I have to configure much to get this working? I am running Evo 1.0.8 btw...You don't want to detect duplicates based on message-id; it's trivial for an attacker to prevent you from seeing a given message, and the same problem could happen even without malicious intent. Peter
What would an attacker gain by falsifying a message-id? I dont wish to provoke jihad, but the keystroke sequence "D~=<CR>" is all mutt needs to mark (all but 1) messages with duplicate ID's for deletion. Of course this is the evolution list so most readers probably are not using mutt. Perl's Mail::Audit tools could probably do the job transparently. MD5 Hash, even if it were instantaneous would not fit the bill for dup messages that arise from CC artifacts. I guess you could combine the 2 methods. Select deletion candidates by nominating via dup message-id and only run MD5 against header-striped versions of the dup-ID nominations. Then delete all but 1 of the messages that share the same MD5. It would probably run pretty fast as long as you didn't need a seperate image activation everytime you run MD5. JPK -- GnuPG: ECBA EA08 C3C1 251E 5FB5 D196 F8C8 F8B7 AB60 234D
Attachment:
pgpKwSYwj1OxD.pgp
Description: PGP signature