On Tue, 28 Apr 2009, Mike Cardwell wrote:
Alternatively, just stick the original email address in the
TXT record. So in rbldnsd, you'd have a record like this:
98f22901b17b13d910456597685c1963 :127.0.0.1:the.r...@email.address
I was going to suggest that. Another thing to put in the TXT record might
be a URL to evidence - e.g. (one of) the phishing emails containing that
address as the contact point.
There's no advantage of sticking the email address in the TXT record
rather than having a separate file, apart from keeping the data
together.
Ease of access?
OTOH, if you're (not you, Mike) going to host this data, you'll probably
have a webby interface for interactive lookups, and that might be the
proper way to publish the evidence. If the email address typed into the
web form hits, offer a link to view the evidence supporting the listing.
I don't think there's any reason to keep the email address or the evidence
(suitably sanitized of the targeted victim's contact information)
confidential.
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhar...@impsec.org FALaholic #11174 pgpk -a jhar...@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
Windows Genuine Advantage (WGA) means that now you use your
computer at the sufferance of Microsoft Corporation. They can
kill it remotely without your consent at any time for any reason;
it also shuts down in sympathy when the servers at Microsoft crash.
-----------------------------------------------------------------------
10 days until the 64th anniversary of VE day
