Re: Sudden constant spoofing of my address
On Fri, Jun 10, 2005 at 10:02:46PM +0100, Lee Braiden wrote:
> On Friday 10 Jun 2005 21:57, David Jardine wrote:
> > I had this problem a week or two ago (I think I reported it in
> > panic on this list). It went away as suddenly as it appeared, but
> > I'd be interested to know how GPG solves the problem - and what the
> > best source of documentation is for GPG.
>
> GnuPG does two things: encryption, and authentication.. The authentication
> provides a digital signature, which serves the same purpose as a traditional
> signature: proving who someone is. Actually, they're MUCH better than
> traditional signatures, when used correctly.
>
> GnuPG does both of those things by using keypairs: public and private keys.
> Everyone has a secret key, and then one which they publish. If you have the
> public key of someone else, you can check everything signed by that person
> against their public key, and so you know that the person who wrote it is who
> they say they are.
Right, I understand the principle from using ssh.
>
> I'm not sure how you would use this for preventing spam, though. Presumably,
> you would only accept email from people whose public keys you have. To me,
> that's like mining your garden: it might keep people away, but it'll keep
> everyone away, and it makes it tough to enjoy your garden, too. Maybe I
> don't fully understand though.
It's not a question of preventing spam coming to me - the bounce
messages I had may have been based on incompetent software as some
people have suggested but to me they seemed legitimate responses -
but of spam going out under my name. Clearly, there is no magic
that gpg can do to prevent that.
Thanks for your help,
David
--
David Jardine
"Running Debian GNU/Linux and
loving every minute of it." -L. von Sacher-M.(1835-1895)
Reply to: