Robert Haas <> writes:
> On Wed, Nov 30, 2016 at 1:50 PM, Greg Stark <> wrote:
>> I can't say I feel especially strongly either way on this but just to
>> toss out a small thing that might make a small difference....
>> If you happen to know how your message-ids are generated then you
>> might be able to do something useful with them. For instance, you
>> could search all git commits for urls to messages you wrote -- for
>> instance any commit that has CAB7nPq is referencing a message written
>> by Michael Paquier.
>> On the other hand you could put something naughty in the message-id
>> forcing everyone else to use URLs with dirty words in them. Or with
>> words like "terrorist" in them. Or with some javascript/html injection
>> attack of some sort...

> ...or the name of your company/your email hosting provider's company...

I think this is a straw man.  We've already decided to use message-IDs
as the basic identity of messages for this purpose; other proposals
were considered before and rejected as too inconvenient.

When and if somebody tries to game that, we can do something about it,
but I'm not very worried.  It's not like it's not trivial to get your
company's name, or $badword of your choice, into the archives already.
The former is more or less standard practice, in fact, as per this
very message:

> -- 
> Robert Haas
> EnterpriseDB:
> The Enterprise PostgreSQL Company

                        regards, tom lane

Sent via pgsql-hackers mailing list (
To make changes to your subscription:

Reply via email to