On Mon, Jun 21, 2004 at 11:43:34PM +0100, Stephen Stafford wrote: > Is there any reason not to just accept *any* gpg/pgp signed mail? At the > moment > I've never seen a spammer signing mail, so *any* mail received that is signed > is > likely to be ham. If it turned out they were going to start doing so, then > fine, add the functionality (and leave room for it in the design now), but I > see > no reason to incur the overhead of checking signatures against a keyring if it > buys us nothing immediately. > > Perhaps implement the checking feature, but turn it off for now? I have seen spam that looks like it is signed, but mutt doesn't show it as such. I think perhaps they tried to sign it but failed to do so properly. ;) Chris
Attachment:
signature.asc
Description: Digital signature