Thanks the result is bellow, where sig is a file containing the signature (from BEGIN PGP SIGNATURE to END PGP SIGNATURE) and broken.sig is the same file where I deleted one byte.
Even if PGP (my version is quite old) cannot do anything with the signature, it can assess that the signature is possible or not. Provided PGP is available on the SA machine, the test should be fast enough and more secure that checking only for the BEGIN PGP SIGNATURE line. Olivier oak<on>46: pgp sig Pretty Good Privacy(tm) 2.6.3ia - Public-key encryption for the masses. (c) 1990-96 Philip Zimmermann, Phil's Pretty Good Software. 1996-03-04 International version - not for use in the USA. Does not use RSAREF. Current time: 2002/03/05 04:00 GMT File has signature. Public key is required to check signature. Unsupported packet format - you need a newer version of PGP for this file. For a usage summary, type: pgp -h For more detailed help, consult the PGP User's Guide. oak<on>47: pgp broken.sig Pretty Good Privacy(tm) 2.6.3ia - Public-key encryption for the masses. (c) 1990-96 Philip Zimmermann, Phil's Pretty Good Software. 1996-03-04 International version - not for use in the USA. Does not use RSAREF. Current time: 2002/03/05 04:00 GMT Error: 'broken.sig' is not a ciphertext, signature, or key file. For a usage summary, type: pgp -h For more detailed help, consult the PGP User's Guide. oak<on>48: _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
