The magic token has to be cryptographically tied to the contents of the
original message
No it doesn't. It has to be cryptographically tied to the mailing list's
re-sending of the message. How to do that with asymmetric keys should be
discussed somewhere other than on this list.
Now I'm totally confused. How does that help me as a sender distinguish
between a good mailing list that is resending real mail from Yahoo and an
evil mailing list that is sending phishes?
Regards,
John Levine, johnl(_at_)taugh(_dot_)com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail.
smime.p7s
Description: S/MIME Cryptographic Signature