Hi everybody! Let me suggest an idea that could help to separate spam from non-spam:
If I receive a message encrypted with PKI (=encrypted using MY public key) - that means that very probably I have sent email to that person during the validity time of that key (1-2 years maybe). Because public keys usually don't get exchanged by mechanisms other than email I would consider it almost certain that the encrypted message does not come from a spammer.
What I am suggesting is a whitelisting tool: Those who satisfy the condition are considered non-spam. It says nothing about the others.
In the Mozilla implementation this would lead to adding a simple optional rule to the junk mail filter:
"Let messages encrypted with my valid public key bypass junk mail filter."
[checkbox]
This is not any magic solution to the spam problem - just a small partial helper.
Regards Tomas Svoboda
P.S.
About one month ago I have suggested the same for digitally signed messages. Now however it struck me that whitelisting should work even better for encrypted emails.
_______________________________________________
Mozilla-security mailing list
[EMAIL PROTECTED]
http://mail.mozilla.org/listinfo/mozilla-security
_______________________________________________ Mozilla-security mailing list [EMAIL PROTECTED] http://mail.mozilla.org/listinfo/mozilla-security
