Watermarking returns+ graphical signatures

Matt Hampton matt at coders.co.uk
Fri Jul 13 20:28:09 IST 2007


Glenn Steen wrote:
> Right, so how crackable will this be? Some of the headers will be ever
> the same, as will the secret... I suppose you've added in some headers
> that will change? and something else? so that it isn't obvious, with a
> little knowledge, how to brute force the secret... and then have a
> "highway" past MailScanner... Which would be, obviously, very bad...:)

Hey it weren't my idea ;-)

The current code only contains the milter-null functionality which is
currently not working due to a mixup between me and jules.

The hash is calculated based on

a secret,
Subject
Date
From
To
User-Agent
Message-ID
An expiry time

Is that enough for you? :-)

matt



More information about the MailScanner mailing list