Le 16 juil. 09 à 23:05, Timo Sirainen a écrit :
On Thu, 2009-07-16 at 22:57 +0200, Geert Hendrickx wrote:
On Thu, Jul 16, 2009 at 04:30:00PM -0400, Timo Sirainen wrote:
Some time ago I added the ability for IMAP clients to fetch
messages'
GUIDs using FETCH X-GUID command. Because of a bug it wasn't
working in
1.2.0 or 1.2.1, but I've fixed it now. But now I'm starting to
wonder:
With Maildirs the GUIDs are the maildir base filenames, which
contain
host names. Is it a bad idea to expose them to users?
Why?
I don't know. That's why I'm asking. :)
Users can see hostnames in eg. Received headers as well?
The SMTP servers' headers, sure. That's a pretty known issue. And
maybe
some even filter out some Received headers before going outside.
What shouldn't be allowed wrt RFC rules, unless I'm wrong: at any
time, the user should be able to trace the path of a received message
(an SMTP server MUST add a Received header, never remove or modify
such a header).
With large installations with multiple servers that could allow user
to
see e.g. if they're on the same server as someone else they know, or
when they get moved to a different servers, etc.. But is this a real
issue? Maybe not.
I tend to agree with the latter.
First, hiding the info would tend towards security through obscurity.
Second, it is very likely that the info would anyway be leaked through
some other parts of the transport layers.
Third, one may hope that the security of smtp/imap/pop softwares
doesn't depend on the availability of such info. ;-)
But it could be very likely that I just missed your concern, in which
case please don't hesitate to position back the thing!
Axel
