On 2/7/2010 11:50 AM, John Levine wrote:
Since the reports all contain a message that was supposed to be
delivered by the system to which it was returned, a straightforward
way to recognize real reports would be to check the enclosed message
to see if it looked like something it had delivered. That seems much
more robust against both malicious forgery, and plain old mistakes
where an MUA picks up mail from two different places and sends the
report to the wrong one.
encoding per-channel information in a per-message package is a mismatch that
could be problematic.
most seriously is the possibility of trust boundary issues that has already been
raised. i had a further thought on that issue, which is about unintentional
disclosure through forwarding.
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg