On Thu, 30 Jul 2015, Reindl Harald wrote:
Am 29.07.2015 um 23:34 schrieb John Hardin:
On Wed, 29 Jul 2015, Paul Stead wrote:
> On 29/07/15 18:11, Benny Pedersen wrote:
> >
> > Henrik krohn did create a emailbl.pl but it was droppede later, it
> > Was
> > designede very well, i have tryed Google it, but seems impossible to
> > get links to it now.
>
> I have got a copy of Henrik's code - I'm not sure on the procedure about
> uploading this.
>
> The essential formula is
>
> strtolower(md5(<email>)).<blacklistaddress>
Is the chance of collision introduced by that strtolower() acceptable in
this application?
besides that it was corrected - the strtolower needs to be inside the md5 -
which collissions? you want a mail-address matching independent of
y...@example.com or y...@example.com, otherwise a spammer would trick you with
mybadadr...@example.com
Collisions based on losing the case of the base64 string. I'm aware that
the email address should be case-insensitive. I responded to that before
fully catching up, so I hadn't seen the correction.
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhar...@impsec.org FALaholic #11174 pgpk -a jhar...@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
How do you argue with people to whom math is an opinion? -- Unknown
-----------------------------------------------------------------------
7 days until the 280th anniversary of John Peter Zenger's acquittal
