> The first of the four would be the correct behaviour for a security > conscious product, but based on empirical research this is not the > common result.
Of course, this violates the robustness principle. Are there any estimates how much (corporate) mail contains one of the format violations you described? I could image that you can't reject some of them because they are too widespread. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
