|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Wietse Venema (wietse_at_porcupine.org)
Date: Mon Feb 03 2003 - 14:59:21 CST
mw-list-postfix-users
csi.hu:
> On Fri, Jan 31, 2003 at 08:18:50PM -0500, Wietse Venema wrote:
> > Either you have solved the problem of assigning globally unique
> > identifiers to objects. This seems unlikely to me.
> >
> > Or, more likely, you allow multiple uses of the same identifier,
> > in which case identifier collisions are by definition possible.
>
> If we could start over: in case of a successful write of tmp/uniq, do
> not remove it, but have the MUA remove it after it removed new/uniq or
> cur/uniq:info.
According to this scheme, the accidental loss of a tmp/uniq file
causes silent loss of mail due to an undetected file name collision.
To fix, the MUA would have to "fsck" missing links back into place.
This is a step backwards in robustness over historical maildir
implementations.
What's worse, your approach won't even let people merge maildirs
without risk of losing mail. This has no simple fix.
This is another step backwards in robustness over historical maildir
implementations.
Maildir naming based on time.VnIn.hostname does not have these
shortcomings. In my opinion, the shortcomings of your approach are
worse than the odds that some adversary is going to manipulate a
server's clock in such a way that after a machine crash, backups
will restore maildir filenames that apparently contain future time
stamps.
Wietse
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]