[EMAIL PROTECTED] (Justin Mason) writes:
> For PGP/GPG to be useful as an unforgeable bonus-points mechanism, it
> needs key distribution. We can no longer just say "it has *some*
> PGP signature" -- because spammers are actively forging them, cutting
> them from other mails, etc. as far as I k
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hello Justin,
Friday, June 27, 2003, 7:21:47 PM, you wrote:
JM> BTW, I have seen spam using a real person's PGP sig, cut and pasted from
JM> one of their messages.
Yes, and that's why just having a syntactically correct PGP sig shouldn't
get any sig
BTW, I have seen spam using a real person's PGP sig, cut and pasted from
one of their messages.
> If we added the ability to include lines in local.cf or user_prefs like
> > validpgp 0x38AA1D47
> (a list of space-separated hex numbers), then THOSE specific signatures
> could score strong negative
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hello Robert,
Friday, June 27, 2003, 8:33:17 AM, you wrote:
>>> I could almost bet my left index finger on the fact that 99%
>>> of those PGP-signatures are invalid. ...
>>I'll profess some degree of ignorance about PGP signatures, but does
>>it mat
At 10:40 PM 6/27/2003 +0100, Martin Radford wrote:
They could do this. On the other hand, there's some computational
cost in generating the PGP signature, which is going to slow down the
spam run. Alternatively, if they use the same message body for all
messages (and hence the same signature) the
At Fri Jun 27 16:33:17 2003, Robert Strickler wrote:
> I too have large gaps in the operation of PGP, but is it not tied to an
> email address or some other publicly available validation of the senders
> identity?
No. Well, you could use anything as an "email address" in the key -
for example,
At Fri Jun 27 15:27:18 2003, Chris Blaise wrote:
>
> > I could almost bet my left index finger on the fact that 99%
> > of those PGP-signatures are invalid. This is something that
> > SA could exploit.
>
> I'll profess some degree of ignorance about PGP signatures, but
> does it matter if
> >> I could almost bet my left index finger on the fact that 99%
> >> of those PGP-signatures are invalid. This is something that
> >> SA could exploit.
[..]
> I too have large gaps in the operation of PGP, but is it not tied to an
> email address or some other publicly available validation of the
>> I could almost bet my left index finger on the fact that 99%
>> of those PGP-signatures are invalid. This is something that
>> SA could exploit.
>I'll profess some degree of ignorance about PGP signatures, but does it
>matter if it's valid or not? Couldn't a spammer generate a perfectly valid
> I'll profess some degree of ignorance about PGP signatures, but
>does it matter if it's valid or not? Couldn't a spammer generate a
>perfectly valid PGP signature and use it in their messages to get the
>lower score?
Depends on how you define "valid": if it's just syntactical correctness
> I could almost bet my left index finger on the fact that 99%
> of those PGP-signatures are invalid. This is something that
> SA could exploit.
I'll profess some degree of ignorance about PGP signatures, but
does it matter if it's valid or not? Couldn't a spammer generate a
perfectly v
Hi list,
Having read this for long I thought it could be my time to contribute
something. :-)
> A message just slipped through, no text, just an image. It slipped through
> with a ridiculously low score, minus .6
>
> When I expanded the headers, I found that the message got through mostly
> becau
> > A message just slipped through, no text, just an image. It slipped through
> > with a ridiculously low score, minus .6
>
> You know better by now :-) That's what you get for using SA 1.1
I'm using 2.55.
--
Jack Gostl [EMAIL PROTECTED]
-
No... I'm not suggesting anything about PGP sigs. What (I think) happened
here was that a marginally passable PGP sig was buried in the HTML portion
of the message. I almost didn't see it. So not only do I question the
negative value on a PGP sig, I'm noting that this is a suspicious sig that
slip
How can you suggest incorporating a PGP into the ruleset though?
You can check if it's a valid length, but then spammers will use valid
PGP sigs.
You can't pointify all PGP sigs, because lots of valid mail is signed
w/a PGP
So you can either:
Remove the negative points for PGP sigs -- essential
Jack Gostl wrote:
A message just slipped through, no text, just an image. It slipped through
with a ridiculously low score, minus .6
You know better by now :-) That's what you get for using SA 1.1
Tony
--
Tony Earnshaw
Humor him, and he'll go away again
http://j-walk.com/blog/docs/conference.h
A message just slipped through, no text, just an image. It slipped through
with a ridiculously low score, minus .6
When I expanded the headers, I found that the message got through mostly
because of the following.
USER_AGENT_MSN (-2.3 points) Headers indicate valid mail from MSN
PGP_SIGNAT
17 matches