Jim Fenton wrote:
Tony Finch wrote:
What I would like to be able to do is reject any message which has a
signature that fails to verify, without false positives (which are defined
by senders and recipients of messages, not by me).
This looks to be very hard to do, in the short term, anyway.
Yes, though I think it's an important wish-list item to consider because I
think a lot of people are going to expect to be able to do this whether
it's feasible or not.
I'm reading your wording carefully, and it sounds like you're proposing to
deal more harshly with "broken" signed messages than unsigned messages. I had
been thinking along those lines, but gave up on it because of what I said
above. Can you elaborate on your rationale?
A few vague reasons:
The crapness of anti-spam provision on the desktop means that server-side
implementations make more users happier faster.
The sooner you can reject obviously bogus messages the better, for
efficiency reasons.
SMTP rejections have better error-detection than filtering into a spam
folder that's never read.
Users don't want to have to configure anything.
On the other hand, and arguing against myself, even if an invalid
signature is only a "soft" negative indicator it would be a useful
ingredient for SpamAssassin etc.
Tony.
--
f.a.n.finch <dot(_at_)dotat(_dot_)at> http://dotat.at/
SOLE: WEST OR SOUTHWEST 5 TO 7, INCREASING GALE 8 FOR A TIME. RAIN AT TIMES.
MODERATE OR GOOD.