sendok is a simple program to generate email addresses with timed cookies in them. That is, you can give someone a generated address that will accept mail from a given sender for a given time period. The address contains a cryptographic hash so that no per-address local data needs to be stored.
The hash function used is DJB's SURF, which is used in ezmlm.
sendok-create is used to create new addresses which expire at a given time offset.
sendok-check is used to check if a given cookie is valid.
sendok was designed with qmail in mind. It is possible to use it without qmail, however.
Latest version:
Older versions:
Unpack the sendok package:
gunzip -c sendok-VERSION.tar.gz | tar -xf - cd sendok-VERSION
Compile the sendok package:
make
Run package tests:
make test
As root, install sendok in /usr/local:
make setup check
touch $HOME/.sendok-secret chmod 600 $HOME/.sendok-secret dd if=/dev/random of=$HOME/.sendok-secret bs=1 count=32
cat >$HOME/.qmail-sendok-default <<'EOF' |sendok-check $HOME/.sendok-secret "$EXT2"; case $? in 100) exit 99 ;; 0) exit 0 ;; *) exit 111 ;; esac /wherever/your/mail/should/go/ EOFThe .qmail file above will silently discard messages if the cookie is old or invalid, deliver them if ok, or retry if a temporary error is encountered.
SENDER=sender@domain sendok-create 432000 user-sendok- $HOME/.sendok-secret @domainThe command above will generate an address of the form "user-sendok-COOKIE@domain" that will be valid for the sender "sender@domain" for 432000 seconds (5 days). If sendok-create is used in a .qmail file (e.g., to bounce a possible spam message), SENDER will already be set correctly.
Questions or bug reports to peff@peff.net.