On Wed, 15 Sep 2004, David Covin wrote: > Two points: > It's fair to argue > that canonicalizing is the more useful policy, but not that it is the > only secure one. Fair enough, with the caveat that it's probably easier to canonicalize than to detect all MIME messages that might possibly be misinterpreted. > 2. Your logic sounds convincing, but interposing a proxy that > systematically changes incoming messages raises red flags in my mind. Indeed. > Yours is a more sophisticated approach, but I still see the > potential for strange interactions between the gateway security > product's MIME implementation and those of sending and receiving > programs. Have you found this to be a problem, for those who've > been using this filter? I have run into some problems, which is why the canonicalization is disabled by default. Regards, David.
