Beefy Boxes and Bandwidth Generously Provided by pair Networks
Syntactic Confectionery Delight
 
PerlMonks  

Re: Security of Mail Script

by Abigail-II (Bishop)
on Feb 09, 2004 at 10:57 UTC ( [id://327601]=note: print w/replies, xml ) Need Help??


in reply to Security of Mail Script

Well, they can spam the recipient mentioned in the form (that is, whoever is referred to with '12345'). Now, if there's just a few of those 'keys', no spammer will bother. But if you have thousands of people in your database, and the keys can be easily guessed (for instance, because you use consecutive numbers), a spammer can use the form by just guessing keys.

Abigail

Replies are listed 'Best First'.
Re: Re: Security of Mail Script
by arturo (Vicar) on Feb 09, 2004 at 15:56 UTC

    Hrm, makes me think that one way of doing it might be to use a hashed value of ( the email address plus a secret key ) in order to specify the recipient. Those who want to receive mail at a specific address via the form could be given the hashed value. Although it obscures the actual destination, it's no protection against a spammer who doesn't care who's on the other end (which is, of course, the overwhelming majority of spammers).

    If not P, what? Q maybe?
    "Sidney Morgenbesser"

[reply]

In Section Seekers of Perl Wisdom

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Node Status?
node history
Node Type: note [id://327601]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others pondering the Monastery: (8)
As of 2024-04-25 15:08 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found