On 5/4/20 3:09 PM, Jeff Mincy wrote:
You will have to write a perl plugin for SpamAssassin that finds passwords in an email message and MD5 hashes those passwords and compares against a list of previously saved hashed passwords. The list of passwords could be stored in various ways.
ACKIdentifying what is and is not a password might be error prone. I suspect it might be more efficient (for the programmer) to simply (salt and) hash every word (possibly over a specific length) in the message and compare that to the list of (salted) hashes. Sure, it's somewhat brute force. But if it's only applied to messages with the proper criteria, it might be acceptable.
-- Grant. . . . unix || die
smime.p7s
Description: S/MIME Cryptographic Signature
