PGP messages getting flagged as spam
snoken at tunedal.nu
Wed Oct 17 09:00:33 CEST 2007
At 16:32 2007-10-15, Werner Koch wrote:
>On Mon, 15 Oct 2007 13:26, malayter at gmail.com said:
>> The real solution would be for SpamAssasin to check that the PGP
>> messages are well-formed, and verify signatures on any PGP message
>> before altering its score. A tad CPU intensive, I think, and it poses
>FWIW, a few weeks ago I received the first PGP signed spam. The
>signature was good and I believe that it was sent using a trojan
>utilizing the local MUA which was configured to sign all outgoing mail.
The good news is that this makes it fairly easy to locate the
compromised computer and alert the user.
More information about the Gnupg-users