unicorn Ruby/Rack server user+dev discussion/patches/pulls/bugs/help
 help / color / mirror / code / Atom feed
From: Eric Wong <e@80x24.org>
To: meta@public-inbox.org
Cc: "Lin Jen-Shin (godfat)" <godfat@godfat.org>,
	"Liste Unicorn" <mongrel-unicorn@rubyforge.org>,
	"Jérémy Lecour" <jeremy.lecour@gmail.com>,
	"Alejandro Riera" <ariera@gmail.com>,
	"Bráulio Bhavamitra" <braulio@eita.org.br>,
Subject: handling SMTP subscribers to public-inboxen
Date: Wed, 7 May 2014 19:54:45 +0000	[thread overview]
Message-ID: <20140507195444.GA12686@dcvr.yhbt.net> (raw)
In-Reply-To: <CAHF=L-zmTsMWyu3EMHm+=DsdbUMMUztKJ6VfGYF5+owB85mg9Q@mail.gmail.com>

Alejandro Riera <ariera@gmail.com> wrote:
> "Lin Jen-Shin (godfat)" <godfat@godfat.org> wrote:
> > I guess I am too lazy/busy to dig into this, so an SMTP would be great
> > for me. I am also ok to be listed as a public subscriber.
> Same here, SMTP sounds great :)

Copying discussion to the meta@public-inbox.org list...

Thanks all for your response.  I'll set up something on the ssoma side
which replays messages to subscribers.  This will make it easy to
fork/migrate subscription lists to different servers.

I'll probably use VERP[1] to handle bounces.  However, most of the
normal bounce processing mechanisms (including VERP) seems to leave
users open to malicious unsubscribes.  In other words, an attacker
may fake bounce messages to take users off a list (VERP or not).
The reference documentation for VERP just makes faking bounces
trivially easy.

So I think we need to make the bounce address unguessable by the
attacker.  Perhaps using something like Crypt-VERPString[2] is
necessary?  Keep in mind somebody sniffing your plain-text SMTP traffic
will (and will always) be able to extract the bounce address; so this
only increases the difficulty level to do a malicious unsubscribe.

The secret key should be able to change when migrating between servers
(or if compromised) without being a big problem, as most bounces occur
hours/days within delivery time; not months/years afterwards.

[1] http://cr.yp.to/proto/verp.txt
[2] http://search.cpan.org/dist/Crypt-VERPString

  reply	other threads:[~2014-05-07 19:54 UTC|newest]

Thread overview: 12+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2014-05-07  8:05 [ANN] unicorn 4.8.3 - the end of an era Eric Wong
2014-05-07  9:30 ` Jérémy Lecour
2014-05-07  9:46   ` Eric Wong
2014-05-07 10:16     ` Lin Jen-Shin (godfat)
2014-05-07 10:52       ` Alejandro Riera
2014-05-07 19:54         ` Eric Wong [this message]
2014-05-07 20:33     ` Michael Fischer
2014-05-07 21:25       ` Eric Wong
2014-05-07 12:08 ` Bráulio Bhavamitra
2014-05-07 20:25   ` Xavier Noria
2014-05-07 20:34     ` Eric Wong
2014-05-07 20:37       ` Xavier Noria

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:

  List information: https://yhbt.net/unicorn/

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20140507195444.GA12686@dcvr.yhbt.net \
    --to=e@80x24.org \
    --cc=ariera@gmail.com \
    --cc=braulio@eita.org.br \
    --cc=godfat@godfat.org \
    --cc=jeremy.lecour@gmail.com \
    --cc=meta@public-inbox.org \
    --cc=mongrel-unicorn@rubyforge.org \
    --cc=unicorn-public@bogomips.org \


* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
Code repositories for project(s) associated with this public inbox


This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).