pmeerw's blog

Tue, 28 Apr 2020

ECG API

Mit dem API key lässt sich dann die ECG-Liste abfragen... Und eine schöne Beschreibung der API gibt's auch: https://ecg.rtr.at/dev/doc

#!/usr/bin/python3

import requests
import sys
import hashlib

URL = 'https://ecg.rtr.at/dev/api/v1/emails/check/batch'

headers = {'X-API-KEY': 'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx'}

emails_plain = ['example@example.com', 'example.com']

body_plain = {'emails': emails_plain, 'contained': True, 'hashed': False}
resp = requests.post(URL, headers=headers, json=body_plain)

print(resp.status_code)
print(resp.text)

emails_hashed = [hashlib.sha512(bytes(x, 'ascii')).hexdigest() for x in emails_plain]
body_hashed = {'emails': emails_hashed, 'contained': True, 'hashed': True}
resp = requests.post(URL, headers=headers, json=body_hashed)

print(resp.status_code)
print(resp.text)

Ergebnis: example@example.com und die Domain example.com sind nicht in der ECG-Liste

200
{"emails":[]}
200
{"emails":[]}

posted at: 14:37 | path: /rant | permanent link

Mon, 27 Apr 2020

ECG-Liste

Die RTR GmbH führt eine Liste, in die sich Personen und Unternehmen kostenlos eintragen können, die keine Werbe-E-Mails erhalten möchten. Rechtliche Grundlage ist § 7 E-Commerce-Gesetz (ECG).

Bisher konnten Eintragungen mittels email durchgeführt werden (siehe sthu's blog: Die Anti-Spam ECG-Liste der RTR) und man konnte eine Liste von SHA1-Hashes von 'gesperrten' Adressen oder domains beziehen und somit lokal abfragen.

Nunmehr (seit Jänner 2020) gibt es ein webbasiertes System zur Verwaltung der ECG-Liste. Eine JSON-Schnittstelle (mit CURL-Beispielen), für deren Verwendung ein API-Key erforderlich ist, erlaubt einzele Email-Adressen (auch SHA512-gehasht) oder Domains abzufragen.

posted at: 00:17 | path: /rant | permanent link

Sat, 09 Feb 2019

Email security testing

internet.nl, very straightforward, also checks web-server security.

My Email Communications Security Assessment (MECSA), by the European Commission; has postfix setup guide.

mail-test.com has a friendly interface and gives suggestions.

posted at: 16:51 | path: /rant | permanent link

Wed, 06 Feb 2019

Linus cares about my DKIM setup :-)

Linus Torvalds points out on LKML that my DKIM setup is broken...

Date: Wed, 6 Feb 2019 08:27:25
From: Linus Torvalds <torvalds@linux-foundation.org>
To: Peter Meerwald-Stadler <pmeerw@pmeerw.net>
Cc: lkml <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH v3 1/4] staging: iio: ad7780: add gain & filter gpio support

Peter,

 this email was marked as spam for me (and probably others) because of
this DKIM signature:

   DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=pmeerw.net; s=mail;
       ....

where the problem is that when the message goes through the
vger.kernel.org mailing list machinery, the header whitespace will be
modified.

...

posted at: 17:20 | path: /rant | permanent link

Mon, 05 Nov 2018

Installing OpenJDK on Windows

This will probably be my only Windows and my only Java related blog post ever :(

The JDK version 11 is available from Oracle under a non-open-source license (which you probably don't want), and a GPLv2 license version, https://jdk.java.net/11/.

For Window, you get a .zip file, but no installer. The following has to be done manually:

  1. Unzip to some directory, e.g. C:\jdk-11.0.1
  2. Set PATH: Control Panel, System, Advanced, Environment Variables. Add C:\jdk-11.0.1\bin to PATH variable.
  3. Set JAVA_HOME under System Variables. Create new variable JAVA_HOME, set value to C:\jdk-11.0.1 (without \bin)
  4. Open RegEdit program. Create keys HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft, HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft\Java Runtime Environment. Create string value CurrentVersion and set it to the version to use, see below.
    Windows Registry Editor Version 5.00
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft\Java Runtime Environment]
    "CurrentVersion"="11.0.1"
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft\Java Runtime Environment\11.0.1]
    "JavaHome"="C:\jdk-11.0.1"
    
  5. *facepalm*

posted at: 14:57 | path: /rant | permanent link

Made with PyBlosxom