On Tue, 15 Dec 2015, Matthias Leisi wrote:
header __CT_ENCRYPTED Content-Type =~
/^multipart\/(?:x-)?(?:pgp-)?encrypted|application\/(?:x-)?pkcs7-mime/
What's to stop the spammer using a very short public key? The overhead
for the victim would be minimal
It wouldn’t even need to be a valid key, just adding the right „markers“
would be sufficient. I don’t believe that many mails would be lost due
to actually invalid signature and/or encryption.
Hm. Yeah, I can ses a spammer not caring if their mail displayed a
"signature verification failed" message as long as the user can see their
content.
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
[email protected] FALaholic #11174 pgpk -a [email protected]
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
...to announce there must be no criticism of the President or to
stand by the President right or wrong is not only unpatriotic and
servile, but is morally treasonous to the American public.
-- Theodore Roosevelt, 1918
-----------------------------------------------------------------------
Today: Bill of Rights day
