A Message-ID should be globally unique. Currently mutt generates this ID based on the current date and time, followed by ".G", followed by a letter A to Z (A for the 1st and 27th email sent, Z for the 26th, etc.), followed by the pid of the active mutt process, followed by "@" and the configured fqdn.
This can lead to information being leaked as to a user's email habits and activities, which might be undesirable. By replacing everything left of the "@" in the Message-ID with a timestamp (seconds since epoch) and 96 bits of Base64 encoded randomness, we no longer include this information and simplify the timestamp generation code at the same time. --- sendlib.c | 14 ++++---------- 1 file changed, 4 insertions(+), 10 deletions(-) diff --git a/sendlib.c b/sendlib.c index 77c14e8f..7cc3a7d2 100644 --- a/sendlib.c +++ b/sendlib.c @@ -80,8 +80,6 @@ const char B64Chars[64] = { '8', '9', '+', '/' }; -static char MsgIdPfx = 'A'; - static void transform_to_7bit (BODY *a, FILE *fpin); static void encode_quoted (FGETCONV * fc, FILE *fout, int istext) @@ -2397,19 +2395,15 @@ const char *mutt_fqdn(short may_hide_host) char *mutt_gen_msgid (void) { char buf[SHORT_STRING]; - time_t now; - struct tm *tm; + char randomness[17]; const char *fqdn; - now = time (NULL); - tm = gmtime (&now); + mutt_base64_random96(randomness); + if (!(fqdn = mutt_fqdn(0))) fqdn = NONULL(Hostname); - snprintf (buf, sizeof (buf), "<%d%02d%02d%02d%02d%02d.G%c%u@%s>", - tm->tm_year + 1900, tm->tm_mon + 1, tm->tm_mday, tm->tm_hour, - tm->tm_min, tm->tm_sec, MsgIdPfx, (unsigned int)getpid (), fqdn); - MsgIdPfx = (MsgIdPfx == 'Z') ? 'A' : MsgIdPfx + 1; + snprintf (buf, sizeof (buf), "<%ld.%s@%s>", time(NULL), randomness, fqdn); return (safe_strdup (buf)); } -- 2.26.2
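Review bot: In the second hunk (mutt_gen_msgid), the new snprintf passes time(NULL) straight to a "%ld" conversion, but time_t is not guaranteed to be long, so the argument can mismatch the format on platforms where the two types differ in width. Cast explicitly and match the conversion, for example `"<%lld.%s@%s>", (long long) time (NULL), randomness, fqdn`. The same hunk calls mutt_base64_random96(), which is not added in this diff (the diffstat lists only sendlib.c), so the patch that introduces it should document that it writes exactly 16 characters plus a terminating NUL, since `char randomness[17]` leaves no slack. If that helper draws from the B64Chars table visible in the first hunk's context, '+' and '/' can appear in the left-hand side of the Message-ID; a short comment saying this is intended, or a URL-safe alphabet, would help anyone who later uses the ID in file names or URLs.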