Dear Krullen Van De Trap,
In message <20200920144832.CEAFA306467D@mailuser.nyi.internal> you wrote:
sort -k 3 | sort -k 2
I don't think that does what you intend.
Anything achieved by the first sort is discarded by the second.
Indeed it does not.
Attached is a better version. I switched it also to use the unit
separator (number 31, like number 29 but for fields of a record).
So now the unnecessarily complex attack is to send a unit separator,
and the simple attack is still to send the exact same message-id.
I suppose you can check SPF, &c to mitigate either attack.
This does not work for me either.
It appears to have problems with messages that have no message-id
field at all (like those being archived throu a Fcc: header). In
this case, $key will in my case look like this: '|wd@denx.de' and
all such messages will be flaged as dupes.
Best regards,
Wolfgang Denk
--
DENX Software Engineering GmbH, Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
Phone: (+49)-8142-66989-10 Fax: (+49)-8142-66989-80 Email: wd@denx.de
What we think, or what we know, or what we believe, is in the end, of
little consequence. The only thing of consequence is what we do.
- John Ruskin