Re: [exim] Re: Sanity check: ACL to block fake sender addres…

Página Principal
Apagar esta mensagem
Responder a esta mensagem
Autor: John W. Baxter
Data:  
Para: exim-users
Assunto: Re: [exim] Re: Sanity check: ACL to block fake sender addresses
On 11/18/05 9:53 AM, "Ian Eiloart" <iane@???> wrote:

> Then, we'd probably use an MD5 hash of the
> sender address, a secret and something time sensitive.


MD5 and "time sensitive" in the same sentence is "worrysome". That's a
feature of MD5.

$md5 -s xyz00:00
MD5 ("xyz00:00") = 1f43f419a60407190d86ecd86d5a9231
$md5 -s xyz00:01
MD5 ("xyz00:01") = 7a41191668698f90703c570930c98588
$

So you probably would do something else, or use a coarse-grained time such
as the day and be willing to try at least one prior day's hash if today's
fails. ;-)

--John