Closed wyvernzora closed 5 years ago
The Scala source is available. You don't need an API to get addresses, you can just create them yourself.
For example, the developer on the contact page lists D-17q8aboasx@maildrop.cc as a contact address. That box is simply contactus@maildrop.cc. Easily reversible using their code, and figuring out that 9472958320 is their modifier took approximately 2 seconds.
I'm not sure how Mailinator did their alternate addresses while they listed them, but the method was surely similar. They don't appear to list theirs anymore.
Remember, alternate addresses do not make your communications private on maildrop, only obscure them. And we all know what security through obscurity gets you.
Hi,
I noticed that alt-inboxes are generated using some simple binary math. By looking at the code, it seems that any reversible function would work for that purpose. How about using AES-OFB with a server key? Such a key can be generated at deployment or first start if necessary. Using OFB mode shouldn't impact output size, and base32 would still guarantee valid characters are used.
I am personally not terribly familiar with Scala, but would be happy to look into submitting a PR if you think this is a good idea.
P.S. It would also be nice to provide an address-to-alt-address API...
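A design check on the AES-OFB proposal above, as an added example that is not code from this thread or from the Maildrop source: because an inbox must always map to the same alt address, the IV has to be fixed, so every address is XORed with the same keystream and one published (inbox, alt address) pair is enough to reverse others without the key. The key, the all-zero IV, the `d-` prefix and all function names are assumptions made for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"encoding/base32"
	"fmt"
	"strings"
)

// Assumptions: constructed demo key, and a fixed IV so the mapping stays deterministic.
var serverKey = []byte("0123456789abcdef")
var fixedIV = make([]byte, aes.BlockSize)
var b32 = base32.StdEncoding.WithPadding(base32.NoPadding)

// AltAddress (hypothetical name) maps inbox -> "d-" + base32(AES-OFB(inbox)).
func AltAddress(inbox string) string {
	block, err := aes.NewCipher(serverKey)
	if err != nil {
		panic(err)
	}
	out := make([]byte, len(inbox))
	cipher.NewOFB(block, fixedIV).XORKeyStream(out, []byte(inbox))
	return "d-" + strings.ToLower(b32.EncodeToString(out))
}

// decode strips the prefix and base32-decodes; malformed input yields a short slice.
func decode(alt string) []byte {
	raw, _ := b32.DecodeString(strings.ToUpper(strings.TrimPrefix(alt, "d-")))
	return raw
}

// xorPrefix XORs a and b over their common length.
func xorPrefix(a, b []byte) []byte {
	n := len(a)
	if len(b) < n {
		n = len(b)
	}
	out := make([]byte, n)
	for i := range out {
		out[i] = a[i] ^ b[i]
	}
	return out
}

// RecoverKeystream uses one published (inbox, alt) pair and no key.
func RecoverKeystream(inbox, alt string) []byte { return xorPrefix([]byte(inbox), decode(alt)) }

// Reverse maps another alt address back to its inbox, up to the keystream length.
func Reverse(ks []byte, alt string) string { return string(xorPrefix(ks, decode(alt))) }

func main() {
	ks := RecoverKeystream("contactus", AltAddress("contactus")) // constructed known pair
	fmt.Println(Reverse(ks, AltAddress("billing")))
}
```

A keyed permutation over the whole (padded) name, such as a single block-cipher call or a format-preserving cipher, does not leak other mappings from one known pair, at the cost of a fixed output size.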