CDR: anonymous PGP-only remailers
Tom Vogt
tom at ricardo.de
Wed Oct 4 02:54:30 PDT 2000
"cypherpunks write code", wasn't it? :)
here's my first proposal. a simple perl script that should find out
whether any given message (piped from stdin) is a PGP message or not. it
does NOT accept messages with more than 10 non-blank, non-encrypted
lines. why? well, you might have a few lines of .sig, but we don't want
to accept your spam simple because you have three fake PGP-lines at the
bottom, right?
I'm not a perl-guru, so this can most likely be reduced to less than
half the space. :)
and no, it's NOT an algorithm that can check whether something is plain-
or ciphertext. it's for PGP messages ONLY. please tell me whether or not
you find a way to make it accept spam as legitimate, or deny a PGP mail.
#!/usr/bin/perl
$is_crypted=false;
$stage=0;
$body=0;
$lines=0;
$lines_fit=0;
$other_lines=0;
while (<>) {
if ($body==0&&/^$/) {
$body=1;
}
if ($body==0) { next; }
if ($stage==0&&/^-----BEGIN PGP MESSAGE-----$/) {
$stage=1;
next;
}
if ($stage==1&&//) {
$stage=2;
next;
}
if ($stage==2&&/^-----END PGP MESSAGE-----$/) {
if ($lines_fit+3>$lines) {
$stage=3;
} else {
print "malformed PGP message\n";
exit 1;
}
}
if ($stage==2&&/^(.*)$/) {
$line=$1;
$line =~ s/ //g;
if (length($line)>0) { $lines++; }
if (length($line)==64) { $lines_fit++; }
next;
}
$other_lines++;
}
if ($other_lines>10) {
print "too many non-encrypted lines\n";
exit 1;
}
if ($stage==3) {
exit 0;
} else {
print "not a PGP message\n";
exit 1;
}
More information about the Testlist
mailing list