Re: Sudden constant spoofing of my address

[Lee Braiden <jel@tundra.ath.cx>]

On Friday 10 Jun 2005 21:57, David Jardine wrote:
> I had this problem a week or two ago (I think I reported it in
> panic on this list).  It went away as suddenly as it appeared, but
> I'd be interested to know how GPG solves the problem - and what the
> best source of documentation is for GPG.

GnuPG does two things: encryption, and authentication..  The authentication 
provides a digital signature, which serves the same purpose as a traditional 
signature: proving who someone is.  Actually, they're MUCH better than 
traditional signatures, when used correctly.

GnuPG does both of those things by using keypairs: public and private keys.  
Everyone has a secret key, and then one which they publish.  If you have the 
public key of someone else, you can check everything signed by that person 
against their public key, and so you know that the person who wrote it is who 
they say they are.

I'm not sure how you would use this for preventing spam, though.  Presumably, 
you would only accept email from people whose public keys you have.  To me, 
that's like mining your garden: it might keep people away, but it'll keep 
everyone away, and it makes it tough to enjoy your garden, too.  Maybe I 
don't fully understand though.

-- 
Lee.

Please do not CC replies directly to me.  I'll read them on the list.