Re: "Header Reordering", yet again

On Fri, 27 May 2005 12:38:54 -0700, Lyndon Nerenberg <lyndon(_at_)orthanc(_dot_)ca>  
wrote:
> On May 27, 2005, at 11:41 AM, Paul Smith wrote:
>
> > It's only if something rewrites the headers, or puts the wrong sequence  
> > number on when adding a trace header that you'd have a problem
> Such as a spammer injecting messages with a bogus trace header index  
> already set to the maximum possible value?
And what's that then?

The only time the spammer gets chance to do anything is when the message  
is originally sent.
So, lets say they add:

Trace-Header: 10000, faked trace info

All that happens is either the next server says '10000? that's obviously  
fake - this must be spam' or adds
Trace-Header: 10001, true trace info

so, the spammer's trace info is overridden anyway

(Just like the spammer adding fake trace info in implicitly ordered header  
fields)

If you're worried about overflows (eg the spammer adding an index of 65535  
hoping the next one will wrap around to 0) then you could say that index  
values can't go over 100, if they do messages must be rejected (as most  
messages with large numbers of Received: headers are, for loop detection  
(at much smaller counts than 100). Then, what will the spammer fake? They  
can't fake anything that will actually do any good!