On Sunday 27 September 2009 21:38:14 Carlos E. R. wrote:
On Sunday, 2009-09-27 at 14:12 -0400, Michael S. Dunsavage wrote:
How do you know who leaked it? Does the new email say "we bought your email from xyz company?"
Yes, it does. It is a different address for each correspondent, so seeing the address, you know.
Like:
mine.001@somewhere mine.002@somewhere mine.003@somewhere mine.004@somewhere
That's much to easy a system to compromise. My old system was to create the name by using the ROT13 of the domain. My new one is much harder to crack, namely because each address given out is created from the md5sum of the domain it's given to and the date it's created. Sure, the mailbox name 32 characters long and needs to be looked up to identify the original source, but it's going to be a pretty small chance that someone would be able to guess the correct 32 character combination. Given that there's 2^36 possible combinations, 32 times 16 possible characters, getting one that's assigned is going to be pretty unlikely.
If you see spam going to mine.003@somewhere, you know that the person you gave your address "mine.003@somewhere" leaked it.
That gives you a good idea that the person/company/whatever leaked the address. It can't prove it because those pesky little spammers like to make up addresses. Regards, David Bolt -- Team Acorn: www.distributed.net OGR-NG @ ~100Mnodes RC5-72 @ ~1Mkeys/s openSUSE 10.3 32b | openSUSE 11.0 32b | | openSUSE 10.3 64b | openSUSE 11.0 64b | openSUSE 11.1 64b | openSUSE 11.2m6 RISC OS 3.6 | RISC OS 3.11 | openSUSE 11.1 PPC | TOS 4.02 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org