On Tue, 28 Apr 2009, Steve Freegard wrote:
> Nah - I really don't like it that way; it doesn't really bring you any
> benefit and is more likely to cause collisions if you do it that way.
> Don't see how it can cause less DNS traffic either. At least using MD5
> hashes your DNS query will only be 32 characters + blacklist zone name
> regardless of the size of the input string.
>
> To reduce the likelihood of collisions then it's better to add the input
> string length at the end of the md5 like ClamAV does in its MD5 sigs e.g.
>
> s...@laptop-smf:~$ perl -MDigest::MD5 -e '$email="s...@fsg.com"; print
> Digest::MD5::md5_hex($email).length($email).".emailbl.org\n"'
> c18782f8d94595d5e016e3ab9ab3f8f610.emailbl.org
>
> This also has the benefit of making it impossible to reverse the list if
> the spammer were to rsync the list.

Silly question, given that RFC-2181 says that you can put almost anything
you want into a DNS zone file, why go to the bother with the munging, why
not just put the raw unadulterated e-mail address in there and do direct
queries on it?

EG: nslookup syst...@administrativos.com.marc.icaen.uiowa.edu.

Assuming you're running reasonably up-2-date DNS stuff it does just work.

--
Dave Funk University of Iowa
<dbfunk (at) engineering.uiowa.edu> College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sys_admin/Postmaster/cell_admin Iowa City, IA 52242-1527
#include <std_disclaimer.h>
Better is not better, 'standard' is better. B{
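
Added example, not part of either message above: a Python sketch that builds the query name both ways discussed in the thread (MD5 hex plus address length, and the raw address) and checks each against the DNS size limits of 63 octets per label and 253 per name. The zone `emailbl.example`, the sample addresses and the function names are constructed for illustration, and counting the length in octets is an assumption.

```python
import hashlib

MAX_LABEL = 63    # octets per DNS label (RFC 1035)
MAX_NAME = 253    # octets in a dotted name, no trailing dot

def check_qname(qname):
    """Return qname if every label and the whole name fit DNS size limits."""
    if len(qname.encode("utf-8")) > MAX_NAME:
        raise ValueError("name longer than %d octets" % MAX_NAME)
    for label in qname.split("."):
        size = len(label.encode("utf-8"))
        if size == 0 or size > MAX_LABEL:
            raise ValueError("bad label length %d in %r" % (size, qname))
    return qname

def hashed_qname(email, zone):
    """Quoted scheme: md5_hex(address) followed by the address length."""
    data = email.encode("utf-8")  # assumption: length counted in octets
    label = hashlib.md5(data).hexdigest() + str(len(data))
    return check_qname(label + "." + zone)

def raw_qname(email, zone):
    """Reply's scheme: the unmodified address in front of the zone.
    Dots in the address become label separators, so the local part and
    the first domain label share one label around the '@'."""
    return check_qname(email + "." + zone)

if __name__ == "__main__":
    zone = "emailbl.example"                      # constructed zone
    samples = ["user@example.com",                # constructed addresses
               "first.last@example.com",
               "a" * 64 + "@example.com"]         # 64-octet local part
    for addr in samples:
        print(hashed_qname(addr, zone))
        try:
            print(raw_qname(addr, zone))
        except ValueError as exc:
            print("raw form not queryable:", exc)
```

The hashed label stays at 32 hex digits plus a few length digits whatever the input, while a dot-free local part of 64 octets already overflows a single label in the raw form.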