| ▲ | realusername 3 hours ago | |||||||
Interesting, but what do you gain to send an email which you know will not land? | ||||||||
| ▲ | ZoneZealot 3 hours ago | parent | next [-] | |||||||
They mean to send an email in advance, with a message ID that would later be used in the target email. First email gets ignored, moved to spam, or not read yet. Then the target email gets sent with the predicable message ID, and gets bounced. Comments on issues use the format <[OrgName]/[RepoName]/issues/[IssueNumber]/[CommentID]@github.com> A mitigation to this would be to take the combination of message ID and the sending domain and use that as the unique value, because message ID is not guaranteed to actually contain a domain label that's owned by the sender. For example SendGrid's message IDs are <[RandomValue]@geopod-ismtpd-[Integer]>. | ||||||||
| ||||||||
| ▲ | fweimer 3 hours ago | parent | prev [-] | |||||||
If I send it first, the real message won't get delivered. The real message could be be a newly reported security issue. | ||||||||