[Top] [All Lists]

Re: "Header Reordering", yet again

2005-05-27 13:30:04

On Fri, 27 May 2005 12:38:54 -0700, Lyndon Nerenberg <lyndon(_at_)orthanc(_dot_)ca> wrote:

On May 27, 2005, at 11:41 AM, Paul Smith wrote:

It's only if something rewrites the headers, or puts the wrong sequence number on when adding a trace header that you'd have a problem

Such as a spammer injecting messages with a bogus trace header index already set to the maximum possible value?

And what's that then?

The only time the spammer gets chance to do anything is when the message is originally sent.

So, lets say they add:

Trace-Header: 10000, faked trace info

All that happens is either the next server says '10000? that's obviously fake - this must be spam' or adds

Trace-Header: 10001, true trace info

so, the spammer's trace info is overridden anyway

(Just like the spammer adding fake trace info in implicitly ordered header fields)

If you're worried about overflows (eg the spammer adding an index of 65535 hoping the next one will wrap around to 0) then you could say that index values can't go over 100, if they do messages must be rejected (as most messages with large numbers of Received: headers are, for loop detection (at much smaller counts than 100). Then, what will the spammer fake? They can't fake anything that will actually do any good!