ietf-mailsig
[Top] [All Lists]

Re: Web pages for MASS effort

2004-11-19 19:24:15

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


hi folks --

I don't think I've said "hi" here yet, but I've been lurking ;)
A quick note on Dave's summary sheet (thanks Dave, it's great!) --
under 'Transformation Protection' it speculates

    'Con: Does copying [IIM's "copy protected headers" concept] really
    increase protection?'

I would like to note that this is, indeed, *ideal* for us in SpamAssassin;
it lets us adopt new heuristics to deal with moderately-broken gateways
like old, unupgraded Mailman mailing list managers.   Detecting Subject
line modification, where such modification is mailing-list-style
subject-tag prepending, is very easy in this case.  

So, in my opinion, "copy protected headers" does increase protection, by
allowing verifiers to "rescue" some mails from becoming false positives
when rewritten by to nonconformant gateways -- and in that case, not
having to apply a blanket exemption for list-gated messages that fail the
signature check.

- --j.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Exmh CVS

iD8DBQFBnqqmMJF5cimLx9ARAgdrAKCD0tZDTEN4jF9z+8czAfjzLLLqlACfVRVO
svEu1PQb9EzyDsQ1ljfLcLE=
=w5QJ
-----END PGP SIGNATURE-----


<Prev in Thread] Current Thread [Next in Thread>