-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Sat, Jul 26, 2003 at 11:18:39AM +0700, Alexander Litvinov wrote:
> > Of course, in theory spammers could start including things that look like
> > PGP signatures.  But since most people don't use PGP or GnuPG, we don't
> > have to worry about this.
> >
> > Later of, if spammers start to add fake PGP signatures, we can call an
> > external program to check the signature.  Emails whose signatures are
> > recognized would automatically accepted.  Having an un-recognized PGP
> > signature might even count as a spam score.
> >
> > Thoughts?
> 
> Spammer WILL start to use real, good signatures. It is not too hard.

Perhaps the word "fake" was not the best one to convey my meaning.  
Replace "use a fake signature" by "use a signature whose public key you do 
not already have".

This would not, of course, make something "definitelly" spam.  It'd just 
give it an additional +1.0 added to its spamminess.

The point is, checking the PGP signature is a good way of finding out if 
someone is supposed to be writing to you.  If there is a recognizable PGP 
sig, it counts very well (e.g. -4.5) if it's not recognized it counts a 
little bad (e.g. +1.0)

- -- 
Daniel Carrera    | OpenPGP fingerprint:
Mathematics Dept. | 6643 8C8B 3522 66CB D16C D779 2FDD 7DAC 9AF7 7A88
UMD, College Park | http://www.math.umd.edu/~dcarrera/pgp.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (SunOS)

iD8DBQE/Ig8HnxE8DWHf+OcRAu2xAJsEqtspe4XHLCMo1Bg9C/K8FTy0iwCeOSpd
bJcyLD/n3HNTHiXVFMIUYpk=
=Gcl4
-----END PGP SIGNATURE-----


-------------------------------------------------------
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa00100003ave/direct;at.aspnet_072303_01/01
_______________________________________________
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Reply via email to