On Wed, 17 Aug 2005, Seth Goodman wrote:
Unless I'm misunderstanding your proposal, why not just close that specific
RSS address account? I'm assuming that each one of these addresses is a
functioning incoming-only address that forwards to the user's mailbox. Your
The RRS addresses do not exist in any database anywhere. The milter strips
the RRS and checks SPF for the forwarder before passing it on to sendmail.
To "close the account" implies that the valid RRS addresses are listed
somewhere and that I can just remove one. Or else that there is
a revokation list somewhere.
milter could even strip the RSS string off the address so the user never has
to see it. When you create new RSS hashes, include an ordinal or random
number in the string that you hash. This way, if you ever want to
reauthorize that same non-SRS forwarder for that same user, you will
generate a different hash for the same forwarder-user pair.
If I have a database, then there is no need for the RRS. I just register
an arbitrary string and map it to user,forwarder.
--
Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.