Rob McEwen wrote:
A word of caution. Be very careful how you use the list.
OK. I was wrong. Due to this discussion, I'm convinced that MD5 of the
whole (lower case!) e-mail address is best, with the entire e-mail
address still showing up in plain text in the DNS txt record.
But I have some questions:
(1) Is MD5 of the entire address reasonably safe from collisions?
(consider the 'birthday paradox' before being too quick to answer)
Yes. The chance of a collision is ridiculously small. Not worth worrying
about.
(2) I'm also interested in knowing more specifics about the data found at
http://anti-phishing-email-reply.googlecode.com/svn/trunk/phishing_reply_addresses
(2.a.) how frequently are new scam addresses added to that list?
(2.b.) how long does an address take to expire since the last e-mail
address is used for scams "in the wild"
(2.c.) Is the data auto-added, or must e-mail addresses go through a
manual review first?
(2.d.) Moreover, what is a typical time between the "419" spammer's last
spotted use of the e-mail, and appearance in that list?
(I don't need exactly precise answers which spammers might use to 'game'
the system... just basic estimates will do)
There's actually a mailing list for the project. You're probably better
off asking these questions there:
http://groups.google.com/group/anti-phishing-email-reply-discuss
--
Mike Cardwell
(https://secure.grepular.com/) (http://perlcv.com/)
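
The lookup scheme discussed in this thread, as an added example that is not part of the original messages or the project's code: the whole lower-cased address is hashed with MD5 to form the DNS label, and the plain-text address in the TXT record is compared on lookup so that a hash collision cannot cause a false match. The zone name, the function names and the in-memory dictionary standing in for DNS are assumptions made for illustration.

```python
import hashlib
import math

ZONE = "replyto.example.invalid"  # hypothetical zone name, not from the thread


def normalise(address: str) -> str:
    """Lower-case the entire address (local part and domain), as the thread proposes."""
    return address.strip().lower()


def query_name(address: str, zone: str = ZONE) -> str:
    """DNS name to query: 32 hex chars of MD5(address) as one label under the zone."""
    digest = hashlib.md5(normalise(address).encode("utf-8")).hexdigest()
    return f"{digest}.{zone}"


def is_listed(address: str, txt_records: dict, zone: str = ZONE) -> bool:
    """Listed only if the hashed name exists AND its TXT value is the same address.

    txt_records maps query name -> TXT string; it stands in for a real DNS
    lookup so the example runs offline.
    """
    txt = txt_records.get(query_name(address, zone))
    return txt is not None and normalise(txt) == normalise(address)


def birthday_collision_probability(n: int, bits: int = 128) -> float:
    """P(any two of n random hashes collide) ~= 1 - exp(-n(n-1) / 2^(bits+1)).

    This covers accidental collisions only; deliberately constructed MD5
    collisions are what the TXT comparison in is_listed() guards against.
    """
    return -math.expm1(-n * (n - 1) / 2.0 ** (bits + 1))


# Constructed sample data: one listed address, stored as the zone would publish it.
SAMPLE_ZONE = {query_name("scammer@example.com"): "scammer@example.com"}

if __name__ == "__main__":
    print(query_name("Scammer@Example.COM"))
    print(is_listed("Scammer@Example.COM", SAMPLE_ZONE))
    print(birthday_collision_probability(1_000_000))
```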