gabriel rosenkoetter wrote: > It's still a worthwhile check, assuming an appropriately weighted > system (valid PGP signatures don't necessarily mean I want to read > the email, so it's worth a few points, but definitely a less-than-1 > fraction of my "not spam, deliver it" number). Given that the default
Not really. The instant spammers figure they can sneak past SpamAssassin a fractional bit more by having a good PGP signature, we're going to see an explosion of PGP/MIME. The main body will be random text and have a valid signature; the attachment will be the permuted-per-recipient image, and will not. They need to sign one message and send it to ten million people. Ten million people then need to have their spamfilters parse the PGP signature to see whether to give it the fractional point deduction. This is classic asymmetric warfare. In very short order so many spammers will be using PGP/MIME that just using PGP/MIME legitimately will raise the point value of your traffic. Which means that six months after people start marking down PGP-signed emails, people start marking the scores way, way up. I don't feel like sacrificing my ability to send encrypted emails to someone just to get an additional six months delay in the spam war. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
