Moin, > Looks interesant. Did you consider using hashed (SHA1 or so) > domains/ruas?
No, not really; If I receive a hash, I could still match it against the DB, so no real privacy gain there. There also is a bit of a chicken<>egg problem: I need to know domains to be able to test if their RUAs are able to receive domains. With 'just' my mailer, the set of domains is a bit small. I am, though, thinking about tailing CT logs/other domain sources for this. > While that are both public information, i afraid to "report" all > incoming domains (with rua) to third party service... I would say that for the usecase of 'privacy preservence', it makes more sense to just use the two export URLs as static external maps. No need for individual queries then; You just have to refresh it occasionally. With best regards, Tobias -- Dr.-Ing. Tobias Fiebig T +31 616 80 98 99 M [email protected] _______________________________________________ mailop mailing list [email protected] https://list.mailop.org/listinfo/mailop
