I don't see these problems as large-scale. Every commercial company now has to put a legal disclaimer on it's emails or risk getting shot when a clerk emails the Times with "MS is crap".
Consequently, as these disclaimers are just appended to the emails, I doubt that any lists/bots that are "dumb" would work for most people anyway. In short it's a good idea, but beware that as a hacker could inject an email into the system, and get it signed, the signing signature should be just indicate that it left your mail system, and isn't specifically signed as yours. e.g. I could have it signed as [EMAIL PROTECTED] As for systems that drop attachments, yes they will cause trouble, but after all, you're signing the message so that such changes are noticed, right?? So lists that meddle are going to break the signing anyway, attachment or no. Dom - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Dom De Vitto Tel. 07855 805 271 http://www.devitto.com mailto:dom@;devitto.com - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -----Original Message----- From: [EMAIL PROTECTED] [mailto:tmda-users-admin@;tmda.net] On Behalf Of Chris Garrigues Sent: Sunday, October 20, 2002 8:17 PM To: David U. Cc: [EMAIL PROTECTED] Subject: Re: TMDA and GnuPG > From: "David U." <[EMAIL PROTECTED]> > Date: Sun, 20 Oct 2002 13:57:09 -0500 > > Hi, > > Assuming a secure and private remote machine that handles mail for me > (and maybe some friends) is there any way to have TMDA automatically > gpg sign outgoing emails? Sometimes I use a command line MUA, > sometimes I use outlook express over IMAPS and sometimes I use > webmail. It would be nice i f I could just automatically gpg sign > emails on the server. > > I know that Anubis (anubis.sf.net) can do this and it is a proxy much > like tmda-ofmipd and sits between MUA and MTA. Since tmda-ofmipd > already does auth I thought it would be nice if it could hook into gpg > and sign outgoing messages. > > Thoughts? If you want the fact of your signature to actually mean anything, I think you'd be cautious about any scheme where your messages are automatically signed. Also, there are times that you don't want your messages signed. For instance, some mailing lists think it's an attachement and don't allow messages with attachments, or sometimes when you're mailing to an automated system which doesn't expect the signature. Chris -- Chris Garrigues http://www.DeepEddy.Com/~cwg/ virCIO http://www.virCIO.Com 716 Congress, Suite 200 Austin, TX 78701 +1 512 374 0500 World War III: The Wrong-Doers Vs. the Evil-Doers. _____________________________________________ tmda-users mailing list ([EMAIL PROTECTED]) http://tmda.net/lists/listinfo/tmda-users
