Hello,
After various SMTP protocol checks and delays, greylisting, and
spamassassin, I find that the only undesired messages I still get are
"collateral spam": delivery status notifications, "virus found"
bounces, etc. Now I want to tackle those.
Basically, I want to use a "local_part_suffix" on the sender address of
outgoing messages, and match against this on incoming messages with a
NUL sender (DSNs, sender callback verifications...). This suffix
should be a hash value that is unique for each message, perhaps based
on $tod_epoch (seconds since epoch). That way, I have the ability to
accept only those recipient address hashes that have been created
during, say, the last week or so.
Moreover, to make it impossible for spammers to circumvent this
control, I would ideally want to use a secret to encode this hash, and
the same secret to decode the local_part_suffix of incoming recipients.
So, for instance, a ${base62:$tod_epoch} expansion will _not_ be what
I am looking for.
Question #1: Does Exim directly or indirectly (e.g. via ${perl...})
support any two-way hashing mechanism, i.e:
value + secret -> hash
hash + secret -> value
Question #2: Does anyone else incorporate something along these lines?
Would you care to share some configuration snippets?
Thanks in advance!
-tor