On Tue, 15 Dec 2015, Axb wrote:
On 12/14/2015 09:32 PM, John Hardin wrote:
All:
Any objection to promoting __CT_ENCRYPTED and ENCRYPTED_MESSAGE out of
the sandbox to permanent rules, and giving ENCRYPTED_MESSAGE a negative
(nice) score (say, -1)?
I think that's fairly safe to do, as I doubt a spammer would impose the
overhead of decryption on their victims, and I'm not sure exactly how
well sandbox+masscheck works for "nice" rules.
-1 Too easy to forge such mime headers.
...but does the message get displayed to the user if the body isn't
encrypted/signed properly per the header?
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
[email protected] FALaholic #11174 pgpk -a [email protected]
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
...to announce there must be no criticism of the President or to
stand by the President right or wrong is not only unpatriotic and
servile, but is morally treasonous to the American public.
-- Theodore Roosevelt, 1918
-----------------------------------------------------------------------
Today: Bill of Rights day
