Author: Phil Pennock Date: To: Jan Ingvoldstad CC: exim users Subject: Re: [exim] EBL: blacklist for email addresses in Reply-To and
message bodies
On 2017-06-29 at 10:20 +0200, Jan Ingvoldstad via Exim-users wrote: > On Wed, Jun 28, 2017 at 9:27 PM, Phil Pennock <pdp@???> wrote:
> > There could stand to be some privacy implications discussion too --
> > you're sending out, over the wire in unencrypted DNS packets, a
> > predictable derivation of the Reply-To: header received for every email
> > from a given domain. Using a cryptographic checksum protects against
> > casual snoopers knowing, but does not protect against those with a
> > dictionary of email addresses generating a reverse map and using that
> > for lookups, so undermines a chunk of the TLS-by-default work going on
> > by leaking metadata. Usual RBLs only leak that there was communication
> > from an IP, which a network traffic sniffer could see anyway.
>
> Although SHA-1 is known to be weak, it's still a bit of work to brute
> force it for a busy mailserver, but for a server that only sees
> occasional traffic, there is legitimate concern.
That's not how a reverse map dictionary works.
Instead, you take the email addresses you care about, hash them, and
just match those values. The reverse map gives you back the email
address you care about, so you know who was talking.
Your favorite acronym agency builds a list of observed hashes, and any
time they get a new email address they care about, they can not only
add it to automated matching, they can go back and look at all past
recorded hashes, to see when email was sent out, to which domains.
