Ostiary
Alexander Klimov
alserkli at inbox.ru
Wed Aug 3 03:52:29 EDT 2005
On Tue, 2 Aug 2005, Udhay Shankar N wrote:
> Sounds interesting. Has anybody used this, and are there any comments?
For similar purpose I used to use .qmail based system: the script
started from .qmail when a message to some special address arrives,
the script checks the digital signature on the message, compare the
first line with stored counter (to avoid replay attacks) and executes
the needed command. The positive side of this technique is that it is
very simple (just few lines to code), does not need to open a port
(and so it is firewall-friendly, no need to talk with sysadmins, ...),
very unlikely to introduce security holes (qmail has quite good
records, and in my case the mail was needed anyway).
--
Regards,
ASK
P.S. If the moderator is troubled with spam let us agree on some
special word in subject so that he can automatically reject the
messages which do not have it.
[Moderator's note: blocking messages from non-subscribers has been
100% effective already. --Perry]
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list