[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Asrg] SICS

To: asrg at ietf.org
Subject: Re: [Asrg] SICS
From: Seth Breidbart <sethb at panix.com>
Date: Fri, 24 Dec 2004 11:05:48 -0500 (EST)
In-reply-to: <20041224091458.GA20626@ender> (message from Laird Breyer on Fri, 24 Dec 2004 19:14:58 +1000)
List-archive: <http://www1.ietf.org/pipermail/asrg>
List-help: <mailto:asrg-request@ietf.org?subject=help>
List-id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-post: <mailto:asrg@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=unsubscribe>
References: <20041221053754.GB5590@ender> <16840.42312.450617.720509@world.std.com> <20041221233651.GC10900@ender> <16840.54485.186606.533464@world.std.com> <20041222040940.GA11810@ender> <16841.64877.977185.534337@world.std.com> <20041223005806.GA15433@ender> <16842.16898.474019.377692@world.std.com> <20041223060439.GA17469@ender> <20041223201353.A1140@evita.devdas.geek> <20041224091458.GA20626@ender>
Sender: asrg-bounces at ietf.org

Laird Breyer <laird at lbreyer.com> wrote:

> While your 40 million user database has constant activity, I presume
> the vast majority of usernames have a long lifetime, a few days at
> least.  So if you build username snapshots at fixed intervals, then
> users would have to wait a little for their new address to become
> "live" etc.

If you're willing to suffer a _few_ false positives on the filtering,
and do a little more arithmetic, you can do better.  Construct some
number of hash functions whose output is an address that holds 1 bit.
Hash each email address with each function, and turn the pointed-at
bit on.  When email comes in, apply all the hash functions and check
the pointed-at bits.  If they're all on, pass the message through.

A new user gets turned on immediately, by turning on the necessary
bits in the table.  A deleted user doesn't go away until the next full
rebuild.  There's a small chance (depends on hash table size, number
of hash functions, number of valid email addresses) of a random
address being accepted due to collisions, but this can be made
acceptably small.  (Using a parameterized set of hash functions allows
them to be changed every rebuild, to avoid the chance that a commonly
attacked bad address passes.)

Seth

_______________________________________________
Asrg mailing list
Asrg at ietf.org
https://www1.ietf.org/mailman/listinfo/asrg

References:
- Re: [Asrg] SICS
  - From: Laird Breyer
- Re: [Asrg] SICS
  - From: Barry Shein
- Re: [Asrg] SICS
  - From: Laird Breyer
- Re: [Asrg] SICS
  - From: Barry Shein
- Re: [Asrg] SICS
  - From: Laird Breyer
- Re: [Asrg] SICS
  - From: Barry Shein
- Re: [Asrg] SICS
  - From: Laird Breyer
- Re: [Asrg] SICS
  - From: Barry Shein
- Re: [Asrg] SICS
  - From: Laird Breyer
- Re: [Asrg] SICS
  - From: Devdas Bhagat
- Re: [Asrg] SICS
  - From: Laird Breyer

Prev by Date: Re: [Asrg] SICS
Next by Date: Re: [Asrg] Spam, defined, and permissions
Previous by thread: Re: [Asrg] SICS
Next by thread: Re: [Asrg] SICS
Index(es):
- Date
- Thread