Dave Funk wrote:
Nah - I really don't like it that way; it doesn't really bring you any
benefit and is more likely to cause collisions if you do it that way.
Don't see how it can cause less DNS traffic either. At least using MD5
hashes your DNS query will only be 32 characters + blacklist zone name
regardless of the size of the input string.
To reduce the likelihood of collisions then it's better to add the input
string length at the end of the md5 like ClamAV does in its MD5 sigs
e.g.
s...@laptop-smf:~$ perl -MDigest::MD5 -e '$email="s...@fsg.com"; print
Digest::MD5::md5_hex($email).length($email).".emailbl.org\n"'
c18782f8d94595d5e016e3ab9ab3f8f610.emailbl.org
This also has the benefit of making it impossible to reverse the list if
the spammer were to rsync the list.
Silly question, given that RFC-2181 says that you can put almost anything
you want into a DNS zone file, why go to the bother with the munging,
why not just put the raw unadulterated e-mail address in there and do
direct queries on it?
EG: nslookup syst...@administrativos.com.marc.icaen.uiowa.edu.
Assuming you're running reasonably up-2-date DNS stuff it does just work.
You can also put pretty much any character you want in an email address
local part. Eg, this is a valid email address...
"Personal em...@o'Reilly, Peter"@example.com
MD5 is cryptographically secure enough for this purpose. Just hashing
the entire address with md5 is the simplest and most workable solution.
I expect it would be simple to use such a bl in all modern MTAs without
too much hacking. Eg, in Exim, the configuration to look up such an
address against an emailbl called "example.com" would be (untested):
  deny dnslists = example.com/${md5:$sender_address}
       message  = $sender_address is listed on $dnslist_domain
--
Mike Cardwell
(https://secure.grepular.com) (http://perlcv.com/)
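
Added example, not part of the thread or any poster's code: it builds the query name for the two hashed schemes discussed above (plain md5, and md5 followed by the address length) and for the unhashed direct query, then checks each against the DNS label and name size limits. The zone bl.example and both addresses are constructed; the length is counted in octets, which is an assumption that matches the Perl one-liner only for ASCII input.

```python
import hashlib

MAX_LABEL = 63   # octets per DNS label (RFC 1035)
MAX_NAME = 253   # octets for a dotted name in text form

def check_name(name: str) -> str:
    """Reject names a resolver could not encode; return the name otherwise."""
    for label in name.split("."):
        if not 0 < len(label.encode("utf-8")) <= MAX_LABEL:
            raise ValueError(f"label of {len(label)} octets is not encodable")
    if len(name.encode("utf-8")) > MAX_NAME:
        raise ValueError("name too long")
    return name

def hashed_query_name(address: str, zone: str, with_length: bool = False) -> str:
    """md5_hex(address), optionally followed by the address length, under zone.

    Publisher and querier must hash the identical byte string; any
    normalisation of the address is a policy choice the thread does not state.
    """
    raw = address.encode("utf-8")
    label = hashlib.md5(raw).hexdigest()
    if with_length:
        label += str(len(raw))
    return check_name(f"{label}.{zone}")

def raw_query_name(address: str, zone: str) -> str:
    """The unhashed alternative: the address itself becomes the leading labels."""
    return check_name(f"{address}.{zone}")

if __name__ == "__main__":
    zone = "bl.example"                       # hypothetical zone
    short = "user@example.com"                # constructed address
    long_ = "a" * 64 + "@example.com"         # constructed, 64-octet local part
    for addr in (short, long_):
        print(hashed_query_name(addr, zone))
        print(hashed_query_name(addr, zone, with_length=True))
        try:
            print(raw_query_name(addr, zone))
        except ValueError as exc:
            print("raw query not possible:", exc)
```

The hashed label stays at 32 characters plus the length digits whatever the address, while the raw form fails as soon as the local part and first domain label together exceed 63 octets.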