Signing headers (was Re: Evolution signatures)

Stewart V. Wright
Thu Aug 7 14:16:02 2003

Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Just my $0.02 worth...

> > I consider some headers (especially the subject) to be part of the
> > communication of a message.  As such, I'd like to protect the privacy a=
> > integrity of those parts the same way as the message itself, as much as
> > that's possible.
> Amen, brother. :-)

This might seem like a valid point that the MUA creates the Subject,
To, CC etc headers and that they are separate from the MTA/MDA but
this is unfortunately not an enforced standard.

The Uni I work at recently installed a (pretty awful) plugin for Exim
that among other things does (pretty awful) spam blocking.  This
(pretty awful) program (exiscan + spamassassin) modifies messages that
it thinks are spam by putting a '{SPAM?}' at the start of the subject
line, as well as adding various X-Spam headers.

This is (apparently) a "Good Thing(TM)" for people that use MUAs that
automatically open attachments, view HTML, and all those evils that
make spammers life worthwhile.

However, I like my email unadulterated (what else is it changing?
Will it affect my SpamCop submissions?), and this change is entirely
outside my control.  Whilst we all would like to think that headers,
like message bodies are inviolate, they aren't.  :-(

What I'm offering to the thread: No solutions, just more problems.



Content-Type: application/pgp-signature
Content-Disposition: inline

Version: GnuPG v1.2.3-cvs (GNU/Linux)

Signature policy: