
Re: [Simple] <note> in IMDN



On May 25, 2008, at 7:57 AM, Eric Burger wrote:

> Almost all of the fields in IMDN are verbatim copies of the IM, which
> means an automaton can filter spoofed IMDNs.  Just about all of the
> fields have some protocol semantic value.  However, the <note> field
> is a spam delivery vector that has no protocol value.  That is my
> issue with it: no value *and* a method to introduce spam.  That does
> not sound like a winning combination.

A lot of the spam on the IETF servers comes from forged "bounce"  
messages. If a message looks like a bounce sent in response to a  
message that might have come from the IETF list, it is very difficult  
to weed out. For example, as sip-owner, I get a couple of hundred  
forged bounce spams a day. Does IMDN share this property? It feels to  
me like it might. Now personally, I wanted IMDN totally banned from  
the deliverables; it has proven to be a nightmare in the email world,  
and I bet it is going to cause us grief. But if we must do it, let's  
make it as safe as possible.

The unconstrained MIME body is a related problem. Since it is there in  
an IMDN, it could be populated with stuff of the sender's choosing.

Much more so than some arbitrary quoted-string in a SIP header, a MIME  
note body (just like a MIME message body) is likely to get parsed out  
and handed over to the OS-registered handler for the associated MIME  
type. Many of those handlers have security flaws.

So are we building an attack vector that can't readily be stopped by  
spam-defense techniques and that is likely to result in malicious code  
execution? Just how smart is that?

--
Dean




_______________________________________________
Simple mailing list
Simple at ietf.org
https://www.ietf.org/mailman/listinfo/simple
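
The filtering idea in the quoted text (an IMDN echoes fields of the IM, so a receiver can check them against what it actually sent), sketched as an added example that is not part of the original message or of any IMDN implementation. The namespace, element names and status tokens are assumptions based on the IMDN XML format, and all sample data is constructed.

```python
import xml.etree.ElementTree as ET

NS = "{urn:ietf:params:xml:ns:imdn}"  # assumed IMDN namespace
ECHOED = ("message-id", "datetime", "original-recipient-uri")  # assumed names
KNOWN_STATUS = {"delivered", "failed", "forbidden", "error",
                "displayed", "processed", "stored"}

def check_imdn(xml_text, sent):
    """Return (accepted, detail). `sent` maps the message-id of each IM we
    sent to the values we put in it. The <note> element is never read."""
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        return False, "DTD or entity declaration"
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError:
        return False, "malformed XML"
    if root.tag != NS + "imdn":
        return False, "not an IMDN document"
    echoed = {n: (root.findtext(NS + n) or "").strip() for n in ECHOED}
    record = sent.get(echoed["message-id"])
    if record is None:
        return False, "no outstanding IM with this message-id"
    for name in ECHOED[1:]:
        if echoed[name] != record[name]:
            return False, "echoed field mismatch: " + name
    # Surface only a status token from a fixed vocabulary, never free text.
    for status in root.iter(NS + "status"):
        for child in status:
            token = child.tag.replace(NS, "", 1)
            if token in KNOWN_STATUS:
                return True, token
    return False, "no recognised status"

# Constructed sample data: one IM we sent, and three incoming IMDNs.
SENT = {"34jk324j": {"datetime": "2008-04-04T12:16:49-05:00",
                     "original-recipient-uri": "im:bob@example.com"}}
GENUINE = """<imdn xmlns="urn:ietf:params:xml:ns:imdn">
<message-id>34jk324j</message-id>
<datetime>2008-04-04T12:16:49-05:00</datetime>
<original-recipient-uri>im:bob@example.com</original-recipient-uri>
<delivery-notification><status><delivered/></status></delivery-notification>
</imdn>"""
WITH_NOTE = GENUINE.replace("</imdn>", "<note>free text</note></imdn>")
FORGED = WITH_NOTE.replace("34jk324j", "zzz999")

if __name__ == "__main__":
    for label, doc in (("genuine", GENUINE), ("with note", WITH_NOTE),
                       ("forged", FORGED)):
        print(label, check_imdn(doc, SENT))
```

The `WITH_NOTE` case is accepted with the same result as `GENUINE`: the note has nothing in the sent IM to be compared against, so the only thing this check can do with it is leave it unread.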