undefined | Better HN

0 pointsaaaaaaaaaaab3y ago0 comments

You can just use [id]-[sha1 hmac]@domain.tld

The id could be anything, and the SHA1 HMAC takes 32 characters in base32 (which is an email-address-safe encoding). Then just configure your spamfilter to reject any address where the HMAC doesn’t check out.

Of course, the drawback is that you’ll need a computer to generate a new address… At which point you may as well store an explicit whitelist of valid addresses.

0 comments

remram3y ago

You can do that from a phone app though, or even a static webpage that loads on phones. It doesn't have to be 32 characters either, putting ~4 characters is probably secure enough, unless a ton of people start using this exact scheme.

This is a great idea, I might implement it. The difficult part is hooking the validation in the mail server I guess.

j / k navigate · click thread line to collapse

0 pointsaaaaaaaaaaab3y ago0 comments

You can just use [id]-[sha1 hmac]@domain.tld

Of course, the drawback is that you’ll need a computer to generate a new address… At which point you may as well store an explicit whitelist of valid addresses.

0 comments

remram3y ago

This is a great idea, I might implement it. The difficult part is hooking the validation in the mail server I guess.

j / k navigate · click thread line to collapse