#!/usr/bin/perl
# spamtrap_encode/spamtrap_decode
# zeitform Internet Dienste (c) 2003
# alex@zeitform.de - Version 0.1
#
# encrypt timestamp and ip address for random mail-addresses
#
# spamtrap_encode creates a blowfish encrypted hex string
# based on a given ip address and timestamp to construct
# dynamic mail addresses for online publishing
#
# If one receives mail to such an address the hex string can be
# decoded/decrypted and the IP-Address and timestamp of the
# address harvester will be revealed and prosecuted.
#
# usage:
#
# my $ip   = $ENV{REMOTE_ADDR};   # e.g. "146.140.8.123"
# my $time = time;                # unix timestamp
# my $key  = "0123456789ABCDEF";  # key for Blowfish
#
# my $string = spamtrap_encode($ip, $time, $key);  # e.g. 78c1ed6da0322b3a
#
# ($ip, $time) = spamtrap_decode($string, $key);   # returns ip address and timestamp
#
# Example:
#
# If you have an E-Mail address "joe@domain.com" and use qmail
# extensions to have addresses like "joe-anything@domain.com"
# you could publish your E-Mail address on websites with:
#
# print '<a href="mailto:joe-' . spamtrap_encode($ip, $time, $key) . '@domain.com">Joe</a>';
#
# which prints:
#
#  <a href="mailto:joe-78c1ed6da0322b3a@domain.com">Joe</a>
#
# A perfect trap for address harvesters!
#
# Many thanks to Daniel A. Rehbein (http://daniel.rehbein.net/)
# for the idea to this code.
#
# LICENSE:
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
#
# Get the GPL from: http://www.gnu.org/licenses/gpl.html
#

#### some dumy input
#
#  $ip   = quad-dooted ip address
#  $time = unix timestamp
#  $key  = your secret key

my $ip   = "146.140.8.123";
my $time = time;
my $key  = "0123456789ABCDEF";

#### end dummy input

my $string = spamtrap_encode($ip, $time, $key);

print "time:   $time\n";
print "ip:     $ip\n";
print "cipher: $string\n";

($ip, $time) = spamtrap_decode($string, $key);

print "time:   $time\n";
print "ip:     $ip\n";

exit;

### sub land

sub spamtrap_encode
  {
    my ($ip, $time, $key) = @_;
    return unless $key;
    return unless $time > 0;
    return unless $ip =~ /^(\d+)\.(\d+)\.(\d+)\.(\d+)$/o;
    my $inkey = pack("H16", $key);
    my $plaintext = join("", map { chr } split (/\./, $ip)) . pack("L", $time);
    use Crypt::Blowfish;
    my $cipher = new Crypt::Blowfish $inkey;
    my $string = unpack("H*", $cipher->encrypt($plaintext));
    return $string;
  }

sub spamtrap_decode
  {
    my ($string, $key) = @_;
    return unless $key;
    return unless $string =~ /[0-9a-f]{16}/o;
    my $inkey = pack("H16", $key);
    use Crypt::Blowfish;
    my $cipher = new Crypt::Blowfish $inkey;
    my $plaintext = $cipher->decrypt(pack("H*", $string));
    my $time = unpack("L", substr($plaintext, 4, 4));
    my $ip = join(".", map { ord } split //, substr($plaintext, 0, 4));
    return wantarray ? ($ip, $time) : "$ip $time";
  }

###-fin-




