Re: [OT] Bogus undelivered message

To: debian-user@lists.debian.org
Subject: Re: [OT] Bogus undelivered message
From: Colin Watson <cjwatson@debian.org>
Date: Thu, 12 Jun 2003 23:53:05 +0100
Message-id: <[🔎] 20030612225305.GB7927@riva.ucam.org>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] E19QGcl-00017w-00@mclean.mail.mindspring.net>
References: <[🔎] E19QBWB-0007u2-00@smtp6.mindspring.com> <[🔎] 20030611203914.GA20038@ganymede> <[🔎] E19QGcl-00017w-00@mclean.mail.mindspring.net>

On Wed, Jun 11, 2003 at 09:11:21PM -0400, Mike M wrote:
> On Wednesday 11 June 2003 16:39, Karsten M. Self wrote:
> > If you want your messages authenticated, sign them.
> 
> I just started with GPG and  I'm still learning.  I need some
> clarification on the advice above.  Are you saying that by signing all
> emails, then I can positively distinguish real undelivered from bogus
> undelivered because the bogus ones will not have my digital signature?

Erm, kind of, but not securely. If for example you sent a signed message
to a mailing list, then anybody can take that signed message and send it
back to you. This is known as a "replay attack", although it's not a
serious problem unless you do something important based on receiving
such messages. Mail filtering generally isn't important to that extent.

Recent spam has been known to resend fragments of messages sent to
mailing lists.

-- 
Colin Watson                                  [cjwatson@flatline.org.uk]

Reply to:

References:
- [OT] Bogus undelivered message
  - From: Mike M <linux-support@earthlink.net>
- Re: [OT] Bogus undelivered message
  - From: "Karsten M. Self" <kmself@ix.netcom.com>
- Re: [OT] Bogus undelivered message
  - From: Mike M <linux-support@earthlink.net>

Prev by Date: RE: Using Debian as a Broadband Router
Next by Date: Re: OT mozilla filter to keep my debian mail list organized
Previous by thread: Re: [OT] Bogus undelivered message
Next by thread: Re: [OT] Bogus undelivered message
Index(es):
- Date
- Thread