#3752: default user_agent to no ---------------------+---------------------- Reporter: ilf | Owner: mutt-dev Type: defect | Status: new Priority: major | Milestone: Component: mutt | Version: Resolution: | Keywords: ---------------------+----------------------
Comment (by ossi): the reasoning given makes no sense at all. an argument i'll buy is that voluntarily identifying the software you use is kinda stupid from a security perspective, as a potential attacker can send you mails crafted to exploit specific vulnerabilities in your software. however, i'll also note that not adding the header doesn't buy that much security - fingerprinting (e.g., the presence, order, formatting, etc. of other headers and MIME structures) can give away the agent, as can the context of the communication (yep, meta data). -- Ticket URL: <http://dev.mutt.org/trac/ticket/3752#comment:1> Mutt <http://www.mutt.org/> The Mutt mail user agent