#3752: default user_agent to no
---------------------+----------------------
Reporter: ilf | Owner: mutt-dev
Type: defect | Status: new
Priority: major | Milestone:
Component: mutt | Version:
Resolution: | Keywords:
---------------------+----------------------
Comment (by ossi):
the reasoning given makes no sense at all.
an argument i'll buy is that voluntarily identifying the software you use
is kinda stupid from a security perspective, as a potential attacker can
send you mails crafted to exploit specific vulnerabilities in your
software.
however, i'll also note that not adding the header doesn't buy that much
security - fingerprinting (e.g., the presence, order, formatting, etc. of
other headers and MIME structures) can give away the agent, as can the
context of the communication (yep, meta data).
--
Ticket URL: <http://dev.mutt.org/trac/ticket/3752#comment:1>
Mutt <http://www.mutt.org/>
The Mutt mail user agent
