From: asrg-admin(_at_)ietf(_dot_)org [mailto:asrg-admin(_at_)ietf(_dot_)org]
On
Behalf Of Vernon Schryver
Sent: June 21, 2003 00:49
To: asrg(_at_)ietf(_dot_)org
Subject: Re: [Asrg] New proposal for spam blocking: Greylisting
From: Elric Pedder <elric(_at_)novitraq(_dot_)com>
...
If only a hash of the triplet were stored, would this solve
the privacy issue?
No. Consider a "dictionary attack." If you have a copy of
the database and want to know if Steve Case sent Bill Gates
a message, you hash those two addresses with a likely IP address
and see if you can get a hit in the database. If you do not know
the exact IP address, you can guess it is one of a few thousand
(or at most a billion) and make the corresponding few thousand
(or billion) probes of your copy of the database. Like a
dictionary attack on /etc/passwd, this attack may not be quick,
but it is effective.
I see what you mean. I was thinking of the privacy issue from
the perspective of creating new information rather than verifying
that something occurred. What about a weaker hash? Such as MD5
reduced to 16 bits? It would depend on the volume of mail you
received, but I guess at some point the weaker the hash the more
false positives you'll hit -- probably before the necessary privacy
level is reached. I'm interested in this element as other possible
methods may also involve recording the SMTP envelope and the
privacy issues will always come up.
Regardless, I'm not an advocate of greylisting. I agree with
the points you and others have made and the most significant is
that it has a relatively short life span. However it is one of
the more interesting solutions to appear recently.
Best regards,
- Elric
--
Elric Pedder
Mailtraq Development (www.mailtraq.com)
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg