Meng Weng Wong wrote:
I would be happy to release a Mail::SRS::DBI subclass that performs the
rewrite to a 32 char HMAC plus 32 char DB key or something like that.
The point of publishing an SRS standard was so that an intermediary
could replace A-B@C with A-D@E instead of having to do
A-B-C-D@E. If the whole thing gets shoved into a DB there's no need
for a standard syntax with delimiters and whatnot.

I'm not sure that you can do this. In particular, E cannot know whether
the previous entry had the correct hash or not. I think that the only
solution is to use a database to perform the mapping. I'd be inclined to
HMAC the sender using a secret key. Then just send the message on with
bounce-<hash> as the sender. You need to store the mapping from hash to
sender in a database, along with some timeouts. I'm not entirely certain
why we should use an HMAC rather than a hash, but it seems to provide a
little extra security for very little extra cost.
Philip
--
Philip Gladstone
* Check out the live pondcam at http://pond.gladstonefamily.net
-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.4.txt
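
The scheme outlined in the reply above (HMAC the sender with a secret key, forward as bounce-<hash>, keep a hash-to-sender table with timeouts), as an added example that is not part of the original post or of Mail::SRS. The class name, the SQLite table, HMAC-SHA256 truncated to 32 hex characters, the seven-day lifetime and the domain passed in are assumptions.

```python
import hashlib
import hmac
import sqlite3
import time

TTL_SECONDS = 7 * 24 * 3600  # assumed lifetime; the post only says "some timeouts"


class BounceMap:
    """Hash-to-sender table for rewritten envelope senders (hypothetical helper)."""

    def __init__(self, secret, domain, db_path=":memory:"):
        self.secret = secret
        self.domain = domain.lower()
        self.db = sqlite3.connect(db_path)
        self.db.execute(
            "CREATE TABLE IF NOT EXISTS bounce "
            "(token TEXT PRIMARY KEY, sender TEXT NOT NULL, expires REAL NOT NULL)"
        )

    def _token(self, sender):
        # Keyed hash of the original sender; truncating to 32 hex chars is an assumption.
        mac = hmac.new(self.secret, sender.encode("utf-8"), hashlib.sha256)
        return mac.hexdigest()[:32]

    def rewrite(self, sender, now=None):
        """Record the mapping and return the bounce-<hash> envelope sender."""
        now = time.time() if now is None else now
        token = self._token(sender)
        self.db.execute(
            "INSERT OR REPLACE INTO bounce VALUES (?, ?, ?)",
            (token, sender, now + TTL_SECONDS),
        )
        self.db.commit()
        return f"bounce-{token}@{self.domain}"

    def resolve(self, address, now=None):
        """Return the original sender for a bounce address, or None if unknown or expired."""
        now = time.time() if now is None else now
        local, _, domain = address.rpartition("@")
        if domain.lower() != self.domain or not local.lower().startswith("bounce-"):
            return None
        token = local[len("bounce-"):].lower()
        self.db.execute("DELETE FROM bounce WHERE expires <= ?", (now,))  # enforce timeouts
        self.db.commit()
        row = self.db.execute("SELECT sender FROM bounce WHERE token = ?", (token,)).fetchone()
        return row[0] if row else None
```

Because the token is keyed, a party who knows a forwarded sender's address but not the secret cannot derive the matching bounce address, which an unkeyed hash would allow while the table entry is live.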