On Fri, 30 Apr 2010 15:23:54 +0100, Michael Thomas <mike(_at_)mtcc(_dot_)com>
wrote:
On 04/30/2010 07:05 AM, McDowell, Brett wrote:
Yeahbut... there are zillions of mailing lists out there. How do you
know the good ones
from the bad ones? Keep in mind, of course, that bad guys can resign
too, and they can
easily make themselves look like a mailing list if that's something that
gives them
advantage.
Yes, but the fundamental property of mailing lists is that you sign up to
them. So if you receive a message from a mailing list that you never
subscribed to you (and the phisher in unlikely to know what you are
subscribed to, except that you are certainly not subscribed to his bogus
list) then you do not trust any signature created by that list manager.
Generally speaking, if you sign up to a list, you do so or a reason, and
you have a pretty good idea of who is running the list and for what
purpose.
--
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131
Web: http://www.cs.man.ac.uk/~chl
Email: chl(_at_)clerew(_dot_)man(_dot_)ac(_dot_)uk Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html