[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]


On Mon, 6 Mar 2017 11:15:23 -0500, Christopher Clements <bcnjr5@gmail.com>
> On Mon, Mar 06, 2017 at 05:01:40PM +0100, Philip Hands wrote:
> >However, because the spam meaasges are created by copying most of the
> >headers from a genuine list mail, when you reply to such a message, it
> >turns up on our lists, and looks like it might even be a reply to a real
> >thread (until you notice that the body of the message they were replying
> >to has never previously been seen on the list).  
> Wow.
> This is the exact reason I sign all my messages.
> Thanks for proving that I'm not _overly_ paranoid!

Signatures don't protect you in this case, because they only cover the
message body, not even the headers.

This also means that signing *everything* isn't necessarily a good idea: if
you sign a re-usable message body, anyone can re-send that body and your
signature with different headers (different subject, different apparent
sender and recipients) and a different envelope (different real sender and



Attachment: pgpBFu4lEk5L2.pgp
Description: OpenPGP digital signature

Reply to: