Re: [Full-Disclosure] Corsaire Security Advisory - Multiple vendor MIME field multiple occurrence issue

[Florian Weimer <fw@xxxxxxxxxxxxx>]

> The first of the four would be the correct behaviour for a security 
> conscious product, but based on empirical research this is not the 
> common result. 

Of course, this violates the robustness principle.

Are there any estimates how much (corporate) mail contains one of the
format violations you described?  I could image that you can't reject
some of them because they are too widespread.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html