Closed
Bug 765897
Opened 12 years ago
Closed 8 years ago
Insufficient salting of Message-IDs
Categories
(MailNews Core :: Backend, defect)
MailNews Core
Backend
Tracking
(Not tracked)
RESOLVED
FIXED
Thunderbird 45.0
People
(Reporter: mnyromyr, Unassigned)
References
Details
(Whiteboard: [fixed by bug 902580])
nsMsgCompUtils.cpp::msg_generate_message_id calls GenerateGlobalRandomBytes to fill PRUInt32 salt. But GenerateGlobalRandomBytes will fill these 4 bytes only with values between 0 and 9, effectively creating only 10000 different salts! Given that we usually use the email address domain as the FQDN, this means that message-id collisions are way too likely, especially for big freemail providers like GMail and others.
Reporter | ||
Comment 1•12 years ago
|
||
To make it clear: this means that only 10000 mails written in the same second with the same domain will cause a message-id collision.
Comment 2•9 years ago
|
||
We should probably start generating longer message ids (too). It seems some servers think they are too short and add data to them which means threading breaks. I've especially noticed this with list mails from Wayne.
Comment 3•8 years ago
|
||
Fixed by bug 902580.
Status: NEW → RESOLVED
Closed: 8 years ago
Depends on: 902580
Resolution: --- → FIXED
Whiteboard: [fixed by bug 902580]
Target Milestone: --- → Thunderbird 45.0
You need to log in
before you can comment on or make changes to this bug.
Description
•