PGP messages getting flagged as spam

Sven Radde email at sven-radde.de
Wed Oct 17 09:34:34 CEST 2007


Hi!

Robert J. Hansen wrote:
> The instant spammers figure they can sneak past SpamAssassin a
> fractional bit more by having a good PGP signature, we're going to see
> an explosion of PGP/MIME.
Probably true, but how will spammers get signatures on their stuff that
are valid *for me*? They would have to compromise one of the keys that
are valid on my keyring or one that would be considered trustworthy by
means of the web-of-trust.
Maintaining a dedicated database of "spam-keys" that had been
trustworthy but were used for spam would help, too (to assign messages
signed by those keys a bad score).
Note that this approach requires per-user filtering by SpamAssassin,
but SA already handles per-user whitelists, blacklists and even
user-defined rules (not sure on the last one, though).
> The main body will be random text and have a
> valid signature; the attachment will be the permuted-per-recipient
> image, and will not.
Looks like a template for a nice SpamAssassin filtering rule ("signed
body + unsigned attachment") to at least offset the bonus received from
the valid sig. ;-)

Just my 2 cents,
 Sven
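
The scoring idea discussed in this message, sketched as an added example that is not part of the original post and is not SpamAssassin code: a signature earns a bonus only if the key is on the recipient's own keyring, a key on a "spam-keys" list earns a penalty, and a signed body with an unsigned attachment cancels the bonus. The function names, score values and fingerprints are assumptions, and signature verification is assumed to happen elsewhere.

```python
from email import message_from_string

# Constructed samples (placeholder signature bytes, not real PGP data).
SIGNED = ('Content-Type: multipart/signed; protocol="application/pgp-signature";'
          ' boundary="sig"\n\n--sig\nContent-Type: text/plain\n\nrandom text\n'
          '--sig\nContent-Type: application/pgp-signature\n\nplaceholder\n--sig--\n')
MIXED = ('Content-Type: multipart/mixed; boundary="outer"\n\n--outer\n' + SIGNED +
         '--outer\nContent-Type: image/gif\n\nGIF89a\n--outer--\n')

def unsigned_parts(msg):
    """Content types of leaf parts that no multipart/signed container covers."""
    found = []
    def walk(part, covered):
        covered = covered or part.get_content_type() == "multipart/signed"
        if part.is_multipart():
            for child in part.get_payload():
                walk(child, covered)
        elif not covered:
            found.append(part.get_content_type())
    walk(msg, False)
    return found

def pgp_score(msg, signer_fpr, keyring, spam_keys, bonus=-1.0, penalty=2.0):
    """Score adjustment for one recipient; negative means less spammy.

    signer_fpr is the fingerprint of a signature already verified elsewhere
    (None if missing or bad). bonus and penalty are made-up values.
    """
    if signer_fpr is None:
        return 0.0
    if signer_fpr in spam_keys:        # key previously seen signing spam
        return penalty
    if signer_fpr not in keyring:      # valid signature, but not valid *for me*
        return 0.0
    score = bonus
    if unsigned_parts(msg):            # signed body + unsigned attachment
        score -= bonus                 # cancel the bonus
    return score

if __name__ == "__main__":
    me, burned = "A" * 40, "B" * 40    # constructed fingerprints
    for name, raw in (("signed", SIGNED), ("mixed", MIXED)):
        m = message_from_string(raw)
        print(name, unsigned_parts(m), pgp_score(m, me, {me}, {burned}))
```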




