Watermarking returns+ graphical signatures
Glenn Steen
glenn.steen at gmail.com
Fri Jul 13 22:32:26 IST 2007
On 13/07/07, Matt Hampton <matt at coders.co.uk> wrote:
> Glenn Steen wrote:
> > Right, so how crackable will this be? Some of the headers will be ever
> > the same, as will the secret... I suppose you've added in some headers
> > that will change? and something else? so that it isn't obvious, with a
> > little knowledge, how to brute force the secret... and then have a
> > "highway" past MailScanner... Which would be, obviously, very bad...:)
>
> Hey it weren't my idea ;-)
>
> The current code only contains the milter-null functionality which is
> currently not working due to a mixup between me and jules.
>
> The hash is calculated based on
>
> a secret,
> Subject
> Date
> From
> To
> User-Agent
> Message-ID
> An expiry time
>
> Is that enough for you? :-)
>
Maybe, i obviously am going to have to look at some code and decide
for myself. . .:) where the key part likely will be the secret itself
and that extra. . . Just want to be extra sure before starting to use
something like this;)
> matt
>
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
> Before posting, read http://wiki.mailscanner.info/posting
>
> Support MailScanner development - buy the book off the website!
>
--
-- Glenn
email: glenn < dot > steen < at > gmail < dot > com
work: glenn < dot > steen < at > ap1 < dot > se
More information about the MailScanner
mailing list