[INN] #38: Check Newsgroups header of cancel messages
INN
rra at stanford.edu
Fri Aug 14 19:00:43 UTC 2009
#38: Check Newsgroups header of cancel messages
-------------------------+--------------------------------------------------
Reporter: eagle | Owner: eagle
Type: enhancement | Status: new
Priority: low | Milestone: 2.5.1
Component: innd | Version:
Severity: wishlist | Resolution:
Keywords: |
-------------------------+--------------------------------------------------
Changes (by iulius):
* milestone: => 2.5.1
Comment:
According to RFC 5537 (USEPRO):
Contrary to RFC 1036 (Horton, M. and R. Adams, “Standard for
interchange of USENET messages,” December 1987.), cancel control messages
are not required to contain From and Sender header fields matching the
target message. This requirement only encouraged cancel issuers to
conceal their identity and provided no security.
The check done on Sender: and From: headers can therefore be removed.
--
Ticket URL: <http://inn.eyrie.org/trac/ticket/38#comment:2>
INN <http://www.eyrie.org/~eagle/software/inn/>
InterNetNews
More information about the inn-bugs
mailing list