I've found a problem in qualcomm popper (and presumabley others) in that it doesn't check for an existing X-UIDL: headers, but simpley uses it when the client sends in a uidl request. This problem can manifest itself as an effective denial of service attack against microsoft outlook clients because outlook looks for unique uidl's for each message and if there are duplicates it will hang prior to downloading any mail. I've put up a small web site detailing the problem and some possible work arounds/fixes at http://getaclue.org/yoduh/outlook.html
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:51:03 PDT