http://bugzilla.spamassassin.org/show_bug.cgi?id=3331
------- Additional Comments From [EMAIL PROTECTED] 2004-08-09 13:15 ------- > The plaintext token is meant to be informational at this point, > so I think even limiting small (32-96) is fine. I'm ok with that as long as there is some truncation at the front end too so that the token size is not open-ended. Umm, maybe that already is the case because of the way tokens are generated? Do any other limits on header size or line size in bodies or something else set a natural limit on token size? If the way we have things coded now means that super large tokens will not DoS the parsing of tokens or the computation of the hash, then I am fine on truncating at the backend: The "informational only" argument isa convincing to me. ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
