[INN] #38: Check Newsgroups header of cancel messages

INN rra at stanford.edu
Fri Aug 14 19:00:43 UTC 2009

#38: Check Newsgroups header of cancel messages
 Reporter:  eagle        |        Owner:  eagle
     Type:  enhancement  |       Status:  new  
 Priority:  low          |    Milestone:  2.5.1
Component:  innd         |      Version:       
 Severity:  wishlist     |   Resolution:       
 Keywords:               |  
Changes (by iulius):

  * milestone:  => 2.5.1


 According to RFC 5537 (USEPRO):

     Contrary to RFC 1036 (Horton, M. and R. Adams, “Standard for
 interchange of USENET messages,” December 1987.), cancel control messages
 are not required to contain From and Sender header fields matching the
 target message.  This requirement only encouraged cancel issuers to
 conceal their identity and provided no security.

 The check done on Sender: and From: headers can therefore be removed.

Ticket URL: <http://inn.eyrie.org/trac/ticket/38#comment:2>
INN <http://www.eyrie.org/~eagle/software/inn/>

More information about the inn-bugs mailing list