-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Oohara Yuuma wrote:
>I received an e-mail from a contributer of a Debian package I maintain. >The mail says his e-mail address is no longer operational and he has >a new one. Because his work is an important part of the package, >it will be good to mention it in the changelog of the package. > >The problem is that the mail is written in a way which makes me think >it is a spam: >* more than 50 addresses in the Cc: list This is believable if he is sending it to everyone. Spam usually doesn't have any CC's. >* the claimed "new address" is @yahoo.ca Could it be temporary? Is he located in CA? Hard to tell. >* not GPG signed, no information about him in the body Very suspicious. >If it is a spam, then updating the old address is wrong and responding >to it is not very safe. I have no other way to contact him. >What should I do? > My recommendation is forging your from header and sending a GPG encrypted message to his key to the address. If it's him, he should be able to decrypt it, get your right info and send you a message. Benjamin -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDG7pQev9LOsNKpIQRAp5SAJ9V1rNnI9pblHQlpV/lbkg3g0bqngCeOg3E 6MThTn6ZiY/fpsUplp/CFLU= =Mw81 -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
