Deliberate false signatures in spam?
Mon Jul 21 23:21:02 2003
Content-Type: text/plain; charset=us-ascii
On Mon, Jul 21, 2003 at 03:48:11PM -0500, Kyle Hasselbacher wrote:
> I wonder if SpamAssassin can do multi-line patterns. If so, you could get
> it to match PGP signatures more strictly. That would have stopped this,
If not, one could add separate checks for
/^-----BEGIN PGP SIGNED MESSAGE-----$/ and/or MIME-wrapped,
> but not a more carefully created fake. To make it really work, you'd have
> to be able to really verify the signature.
At most, I'd send it through pgpdump[.net] and see if it produces
a keyid. If it does, I'd be willing to investigate further, block
messages purportedly signed by certain keys, etc. However, I wouldn't
automatically run GPG to check incoming messages.
Jason Harris | NIC: JH329, PGP: This _is_ PGP-signed, isn't it?
firstname.lastname@example.org | web: http://jharris.cjb.net/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (FreeBSD)
-----END PGP SIGNATURE-----