Feature request: change remaining message count via email

General discussion re sg.


Post by alan » Mon Nov 20, 2006 8:33 am

Hi, I hope I've chosen the right forum for feature requests.

I'd be really interested in the following -- a means of changing the number of remaining messages for a disposable address via an email interface, for example if SG provided an address which receives and processes emails containing lines of the form:

setcount <remaining_count> <disposable_address> <password>

I find it is hard to anticipate when creating a disposable address how many emails you want it to receive, as it could range from never receiving any legitimate emails before being used for spam, to being used for a more prolonged legitimate exchange. So the need to alter the remaining message count is quite common.

The key thing here is that these decisions to change the message count are made while reading email rather than while browsing the web. It would be quicker to send a one-line email using the email client that is already open than to fire up a web browser and go through the various steps needed to log in and change the remaining message count via the website.

Many thanks.
alan
 
Posts: 4
Joined: Wed Oct 12, 2005 11:17 am

Post by SysKoll » Tue Nov 21, 2006 12:19 am

That's an often-requested feature. It has extremely severe security problems if you think of it. This ain't Microsoft, we don't want to let the convenience aspect override security concerns.
-- SysKoll
SysKoll
 
Posts: 893
Joined: Thu Aug 28, 2003 9:24 pm

Post by alan » Tue Nov 21, 2006 12:51 am

Could you please expand on what the security problems are? (I know about the transmission of the password in cleartext, but then the web login isn't SSL either.) Many thanks.
alan
 
Posts: 4
Joined: Wed Oct 12, 2005 11:17 am

Post by Paranoid2000 » Tue Nov 21, 2006 1:43 am

SysKoll wrote: That's an often-requested feature. It has extremely severe security problems if you think of it. This ain't Microsoft, we don't want to let the convenience aspect override security concerns.

This could be done quite securely - just add the option to reply to emails received via the SG address (the one including the checksum and destination address, making exploits harder) with a special message format, e.g.

###SpamGourmet Account Change Request###
SetCount <alias_name> <current_number> <new_number>
###This will not be relayed further by SpamGourmet###

This email would then only alter the count for the alias used and would not be forwarded on.

Anyone with access to a user's email could get the information needed to spoof such a request, so giving people the option to disable it via the webpage in case of abuse is a good idea - but this should be a rare event.
Paranoid2000
 
Posts: 71
Joined: Wed Dec 15, 2004 10:48 am

Post by SysKoll » Tue Nov 21, 2006 3:58 pm

alan wrote: Could you please expand on what the security problems are? (I know about the transmission of the password in cleartext, but then the web login isn't SSL either.) Many thanks.

Easy. Spammers start making up addresses and constantly turn their counters back to the max.

Up to now, I was dismissing this kind of scenario. But since we are now the recipient of a spammer's efforts to sabotage us, I am starting to take security much more seriously.

Speaking of which, Josh, please note that I changed the root password to "abc". (Just kidding).
-- SysKoll
SysKoll
 
Posts: 893
Joined: Thu Aug 28, 2003 9:24 pm

Post by Paranoid2000 » Tue Nov 21, 2006 8:45 pm

SysKoll wrote: Easy. Spammers start making up addresses and constantly turn their counters back to the max.

The suggestion above would prevent this since a spammer would have to know the correct reply address, including checksum. Given previous discussions of this checksum, the only likely method of doing this is by having a data-collecting trojan on the user's PC or a packet sniffer on their local network or ISP - even then the ability to disable this feature (plus the existing prefix and watchword options limiting alias creation) would block this.
Paranoid2000
 
Posts: 71
Joined: Wed Dec 15, 2004 10:48 am
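
Added example, not part of the thread and not SpamGourmet's code: a sketch of the reply-address scheme proposed in the two posts above, showing where a made-up address, a command for a different alias, a stale request and a disabled feature are each rejected. The page does not give the checksum algorithm or address layout, so the truncated HMAC, the '<tag>.<alias>.<user>' layout, SECRET, MAX_COUNT and all function names are assumptions.

```python
import hashlib
import hmac
import re

SECRET = b"constructed-demo-key"  # assumption: server-side key, never shown to users
HEADER = "###SpamGourmet Account Change Request###"
FOOTER = "###This will not be relayed further by SpamGourmet###"
CMD = re.compile(r"SetCount (\S+) (\d+) (\d+)")
MAX_COUNT = 20  # assumed ceiling for an alias counter

def reply_tag(alias, user):
    """Keyed checksum carried in the reply address (assumed construction)."""
    msg = f"{alias}\0{user}".encode()
    return hmac.new(SECRET, msg, hashlib.sha256).hexdigest()[:16]

def handle_reply(rcpt_local, body, accounts):
    """rcpt_local uses an assumed layout '<tag>.<alias>.<user>'.
    Returns 'relay' for ordinary mail, otherwise a status; command-shaped
    mail is never forwarded, whether it is accepted or rejected."""
    lines = [ln.strip() for ln in body.strip().splitlines()]
    if len(lines) != 3 or lines[0] != HEADER or lines[2] != FOOTER:
        return "relay"
    parts = rcpt_local.split(".", 2)
    if len(parts) != 3:
        return "rejected: malformed address"
    tag, alias, user = parts
    # Constant-time comparison; a made-up address fails here.
    if not hmac.compare_digest(tag.encode(), reply_tag(alias, user).encode()):
        return "rejected: bad checksum"
    acct = accounts.get(user)
    if acct is None or not acct["email_commands"]:
        return "rejected: feature disabled"
    m = CMD.fullmatch(lines[1])
    # The command may only touch the alias the reply address belongs to.
    if not m or m.group(1) != alias:
        return "rejected: bad command"
    current, new = int(m.group(2)), int(m.group(3))
    # <current_number> must equal the stored count, so a replayed request
    # fails once the count has changed.
    if acct["aliases"].get(alias) != current:
        return "rejected: stale count"
    if new > MAX_COUNT:
        return "rejected: over limit"
    acct["aliases"][alias] = new
    return "updated"

if __name__ == "__main__":
    accounts = {"alan": {"email_commands": True, "aliases": {"shop": 0}}}  # constructed
    body = f"{HEADER}\nSetCount shop 0 5\n{FOOTER}"
    print(handle_reply(f"{reply_tag('shop', 'alan')}.shop.alan", body, accounts))
    print(handle_reply("0123456789abcdef.shop.alan", body, accounts))
```
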

Post by SysKoll » Wed Nov 22, 2006 2:35 am

Yeah, OK, I see. But then, this means that to reload a disposable, you have to fetch the correct address in your mail client's address book (for the hash), then the correct format in some saved email (for the syntax).

At this point, is it really faster than opening a browser? Especially since Firefox and other modern browsers allow you to autofill the password, you don't even have to type your login and password.
-- SysKoll
SysKoll
 
Posts: 893
Joined: Thu Aug 28, 2003 9:24 pm

