On 10/15/07, gabriel rosenkoetter <[EMAIL PROTECTED]> wrote: > It's up o the site administrator to make use of SA rules that aren't > braindamaged. It's hardly the fault of the authors of SA if some > site decides to add 2.5 points to every message with a MIME > attachment, though you can, perhaps, see how that might be a naive > approach that works pretty well most of the time.
Another problem: automatically adding negative score to PGP data would make that an attractive tactic for spammers. If such a rule were popular in SpamAssasin, you'd see a lot of base64 encoded HTML spam with "fake" PGP headers, I imagine. The real solution would be for SpamAssasin to check that the PGP messages are well-formed, and verify signatures on any PGP message before altering its score. A tad CPU intensive, I think, and it poses a host of key management and trust management issues if the SpamAssasin systems serves many users (which most do). -- RPM _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
