On 10 Sep 2002 at 9:31, Davide Libenzi wrote:
> > On Tue, 10 Sep 2002, EDV - WHW (Goesta Smekal) wrote: > > > > > On 9 Sep 2002 at 9:50, Davide Libenzi wrote: > > > > > > > > On Mon, 9 Sep 2002, Frederik Gallon wrote: > > > X-Auth-User: is already there > > > > Sorry to disagree, but in case of malicious code this doesn't help me > > much. Any header field can be faked. > > No, sorry. If there's a Received: header before X-Auth-User: it means that > it has been faked, otherwise it's real. Just try it ... Well, technically speaking you are certainly right (you wrote the daemon anyway ;-) ) but what I need is an aproach, non-techs can easily understand. My idea was like this: People phone or mail me, claiming user [EMAIL PROTECTED] sent them Klez. I tell them how Klez works and that the sender, as shown by the mail user agent, is no proof anyway, but they don't seem to comprehend. So I thought it would be nice, if the SMTP server would add a digital signature to every message that is valid (again and again, I have some good ideas how to verify this) that is visible with any mailclient. Even if recipients can not deal with GPG signatures (most of them certainly don't) they can still see it. And after some time they get used to seeing those funny character blocks at the end of any message that comes from my.dom. So it will be easy to tell them: 'If it has no character mess below, it's fake'. Did I make my point clear now ? So, Davide, it would be _realy great_ if you could (some time in the not so far future) add a feature, that works exactly like 'Domain message filters', but for outbound traffic. Thank you very much for the great server nevertheless ! Goesta -- This may seem a bit weird, but that's okay, because it is weird. found on line 89 of 'perldoc perl' - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]