Rob McEwen wrote:
If you're worried about spammers gaming the hash system
Most likely, they won't care. They'll happily pursue the "low hanging
fruit". The only exception is if/when freemail ISPs started using such a
list to start investigating individual accounts for possible
termination. But, even then, that is a good problem to have.
Personally, I think the obfuscation is overkill. Instead, I'd prefer to
change the "@" symbol to an underscore (and any other minor change that
might be needed to work with dns queries) and be done with it. This
would also make the implementation easier, and research by ISPs easire.
It would definitely require a hashing algorithm, like MD5. IIRC there is
a maximum length for a hostname, and that is 255 characters. What if the
hostname in your email address is 255 characters long on it's own...?
Having access to the plain text email address would only make it easier
for ISPs to do anything if they had access to the zone file. In which
case, you could just give them access to a separate list which has the
email addresses in plain text. Alternatively, just stick the original
email address in the TXT record. So in rbldnsd, you'd have a record like
this:
98f22901b17b13d910456597685c1963 :127.0.0.1:the.r...@email.address
Doing an A record lookup on 98f22901b17b13d910456597685c1963.example.com
would return "127.0.0.1" and doing a TXT record returns
"the.r...@email.address". There's no advantage of sticking the email
address in the TXT record rather than having a separate file, apart from
keeping the data together.
--
Mike Cardwell
(https://secure.grepular.com/) (http://perlcv.com/)
