XMITIP does not provide a digital signature and does not utilize a CA. The antispoof is a block of text with the senders userid/date/time jobname, jobid, system name, node name, and user name that is added by XMITIP when sending any email.
Lionel B. Dyck <sdg>< Website: https://www.lbdsoftware.com "Worry more about your character than your reputation. Character is what you are, reputation merely what others think you are." - John Wooden -----Original Message----- From: IBM Mainframe Discussion List <[email protected]> On Behalf Of Paul Gilmartin Sent: Thursday, February 18, 2021 11:08 AM To: [email protected] Subject: Re: XMITIP and ANTI SPOOF message On Thu, 18 Feb 2021 10:45:44 -0600, Lionel B Dyck wrote: >The Anti-Spoof was implemented because of auditors and the ability to turn if >off was at the request of one shop who didn't want it. The default is to have >it on which is my preference. > >SMTP is inherently insecure so having it is an aid but not fool proof >for all the fools out there 😊 > Don't underestimate the resourcefulness of your fool. My understanding is that a digital signature often consists of a checksum encrypted with the sender's private key which the recipient can verify with the sender's public key. Is that what XMITIP does? What CA does it consult for the keys? Is EBCDIC a problem? (And why do my most trivial emails nowadays have at least 5KB of crap headers? Is that a signature added by the sender's SMTP and verified by my IMAP?) -- gil ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
