I wonder how effective it would be to look up the MX record of each domain (or just the A record, as it looks like all of mailinator's alternate domains have MX records that just point to their own A records) and ban…
Exactly; Having a secret hash is just another example of futile security through obscurity. You want an attacker to be able to know as many parts of the puzzle as possible and still be thwarted.
Also the name is delightfully nerdy; I'll bet current only flows one way through that cat, at least under low loads.
I wonder how effective it would be to look up the MX record of each domain (or just the A record, as it looks like all of mailinator's alternate domains have MX records that just point to their own A records) and ban…
Exactly; Having a secret hash is just another example of futile security through obscurity. You want an attacker to be able to know as many parts of the puzzle as possible and still be thwarted.
Also the name is delightfully nerdy; I'll bet current only flows one way through that cat, at least under low loads.