At 16:32 2007-10-15, Werner Koch wrote: >On Mon, 15 Oct 2007 13:26, [EMAIL PROTECTED] said: > >> The real solution would be for SpamAssasin to check that the PGP >> messages are well-formed, and verify signatures on any PGP message >> before altering its score. A tad CPU intensive, I think, and it poses > >FWIW, a few weeks ago I received the first PGP signed spam. The >signature was good and I believe that it was sent using a trojan >utilizing the local MUA which was configured to sign all outgoing mail. > > >Shalom-Salam, > > Werner
The good news is that this makes it fairly easy to locate the compromised computer and alert the user. Snoken _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
