On Mon, Mar 13, 2023 at 03:35:20AM +0100, Vincent Lefevre wrote:
> On 2023-03-12 22:30:50 -0400, Jeffrey Walton wrote:
> > Security on a channel (like HTTPS) usually makes it tougher to inspect
> > traffic. Or at least it makes it tougher in HTTPS. In fact, spam
> > filters are mostly useless for messages encrypted with a tool like GPG
> > or GnuPG.
> 
> Are there spammers who send encrypted messages???
> This seems counterproductive.

It seems doable, but somewhat awkward. For a spammer to send me an
encrypted message, they would have to fetch my public key. This
would have to happen in an automated way (on spam, every millionth
of a cent counts). Doable, but given the population size (and
arguably, type) I don't think it would add up.

Of course, TLS is a whole different kettle of fish. On the one hand,
it's just the /transport/ which is secured (so the systems [1] on
both sides know the plaintext and can run whatever Bayes they like
on it). On the other hand, spammers can just get a LetsEncrypt
cert for only the setup cost -- so just having a "valid certificate"
wouldn't count very much towards the trust chain. Having a valid
certificate tied to the DNS would count a bit more (yes, someone
might lose control of their DNS, but those events are statistically
more sparse).

[1] I consider browsers more like MTAs as whole systems. They are
   operating systems in their own right, with knowledge about your
   hardware, running other people's code on your box and a small
   fractal of window managers, GUI toolkits, virtual machine Rube
   Goldbergisms and all that. For better or worse. Worse, if you
   ask me.

Cheers
-- 
t
