[MlMt] Inline images using Markdown
Bill Cole
mmlist-20120120 at billmail.scconsult.com
Fri Apr 5 23:58:49 EDT 2013
On 5 Apr 2013, at 13:57, Benny Kjær Nielsen wrote:
> The Content-ID is (should be) unique and therefore you cannot
> reference anything you don't already know.
Content-ID suffers from collision risks akin to those seen in
Message-ID. The most important gap is that agents creating IDs have a
history of using domain-parts that are also used by a potentially very
large and unknowable universe of other agents. Some mailer might think
'sequencenumber at localhost.localdomain' is perfectly fine, but it isn't
going to be: there are a bazillion mismanaged Linux machines that
believe themselves to be localhost.localdomain. A UUID in the local-part
is the right way to go, but that's a rare practice.
> I could, of course, offer an option for forbidding cross-message cid:
> references.
That would be prudent. This seems to me to be a (minor) security issue.
I haven't thought up a detailed attack model, but it might be useful in
some forms of "spearphishing" and in filter evasion.
In principle, each message should be considered in isolation when
rendering it: references to data external to a message shouldn't be
resolved automatically, whatever the URL scheme. Messages these days
routinely run a gauntlet of filters to get delivered, which in some
cases (e.g. SpamAssassin) include meta-rules that put significant scoring
weights on combinations of individually trivially-weighted rules. A
feature that enables a sender to pull together elements from multiple
messages (perhaps delivered over an extended time or even to multiple
accounts) into a single message rendering is a bad idea.
>
>> (I am also uneasy about the whole concept of rendering markup in
>> text/plain parts on principle, but I expect
>> that's an unwinnable argument)
>
> I would certainly have preferred that the markup for inline images was
> more “natural” like the rest of the Markdown markup. I chose
> Markdown because it generally looks just like plain text (and because
> it is already based on email syntax).
I'm not against Markdown as a tool to generate HTML for those who want
to engage in such behaviors, but I'd very much like a way to switch off
interpretation of Markdown in message windows. For myself, I'll shortly
be adding a header_checks rule to my personal Postfix config to knock
markup=markdown out of Content-Type headers on all mail. It's a
misfeature in concept, not merely in implementation.
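
The per-message isolation discussed in this thread, as an added example that is not part of the original post and not MailMate's code: cid: references are resolved only against Content-IDs carried by parts of the same message and everything else is refused, and new Content-IDs get a UUID local-part. The sample message, the function names and the example.org addresses are constructed for illustration.

```python
import re
import uuid
from email import message_from_string
from urllib.parse import unquote

# Constructed sample: one inline image part, and a Markdown body that references
# it plus a Content-ID that is NOT carried by any part of this message.
SAMPLE = """\
From: sender@example.org
MIME-Version: 1.0
Content-Type: multipart/related; boundary="b1"

--b1
Content-Type: text/plain; charset=utf-8; markup=markdown

![logo](cid:logo-1@example.org) ![other](cid:1@localhost.localdomain)
--b1
Content-Type: image/png
Content-ID: <logo-1@example.org>
Content-Transfer-Encoding: base64

iVBORw0KGgo=
--b1--
"""

CID_REF = re.compile(r"cid:([^\s)\"'>]+)", re.IGNORECASE)

def local_content_ids(msg):
    """Content-IDs of parts inside this message only, angle brackets stripped."""
    return {p["Content-ID"].strip().strip("<>") for p in msg.walk() if p["Content-ID"]}

def classify_cid_refs(raw):
    """Return (resolvable, refused) cid: references; never look outside the message."""
    msg = message_from_string(raw)
    known = local_content_ids(msg)
    resolvable, refused = [], []
    for part in msg.walk():
        if part.get_content_maintype() != "text":
            continue  # only text parts can carry cid: references to render
        charset = part.get_content_charset() or "utf-8"
        body = part.get_payload(decode=True).decode(charset, "replace")
        for ref in CID_REF.findall(body):
            ref = unquote(ref)  # cid: URLs percent-encode the Content-ID
            (resolvable if ref in known else refused).append(ref)
    return resolvable, refused

def new_content_id(domain):
    """Content-ID whose uniqueness comes from a UUID local-part, not the domain."""
    return f"<{uuid.uuid4()}@{domain}>"
```

A renderer would display only the `resolvable` references and leave the `refused` ones as plain text.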