-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello Alexander,
Friday, July 25, 2003, 10:37:51 PM, you wrote: >> The point is, checking the PGP signature is a good way of finding >> out if someone is supposed to be writing to you. If there is a >> recognizable PGP sig, it counts very well (e.g. -4.5) if it's not >> recognized it counts a little bad (e.g. +1.0) AL> Hmm, I understand the idea now. I will argue about positive score AL> for unknown signatures, but negative score for signatures in the AL> my ~/.gnupg is good I'd like to see the ability to run such tests. And following SA practices, each would be a test with its own score, and we each could score them according to our own needs and experiences. * PGPSIG_KNOWN_KEY -- valid signature, known key -- negative score * PGPSIG_UNKNOWN_KEY -- valid signature, unknown key -- slight positive or negative, according to our needs. * PGPSIG_INVALID_KNOWN -- invalid signature, but known key -- likely an email client problem. * PGPSIG_INVALID_UNKNOWN -- invalid signature and unknown key -- probably worth a positive score. Bob Menschel -----BEGIN PGP SIGNATURE----- Version: PGP 8.0 iQA/AwUBPyNBN5ebK8E4qh1HEQJFqACeKle1R98G4ICWC2V9mx90Zo3qsDoAn0cA 88RapGOTj9dP27H5X7myqKBp =nP7k -----END PGP SIGNATURE----- ------------------------------------------------------- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa00100003ave/direct;at.aspnet_072303_01/01 _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
