Tristan Miller wrote: > Greetings. > > In article <[EMAIL PROTECTED]>, Theo Van Dinter wrote: > > FWIW: While this type of thing may sound like a good idea, it also > > opens you to a remote abuse of resources. If I'm a spammer and I > > want to annoy people, I'd start sending all of my mails with fake > > signatures. Then the recipients, who use this plugin, will get to > > spend a lot > > of cpu time finding out that the signatures aren't good. > > Is this really an issue? Consider the following: > > 1) How does the CPU time required to check a signature compare to the > CPU time required for other typical SA tests? For installations which > implement large rulesets (SARE) and Bayesian filtering, my guess is > that the extra cost of verifying a signature will be relatively small. > > 2) How does the real time required to check a signature compare to > the real time required for other typical SA tests? For installations > which implement network checks (DNS checks, Razor), these will be the > real time bottlenecks. Even if the recipient needs to query a key > server for the signature verification, the delay will be increased > only by a constant factor. > > 3) Neither the increase in real time nor CPU time necessary to > implement signature checks is likely to be an issue for home users. > Your annoying-spammer scenario would annoy only ISPs who offer > server-side SA filtering to a large number of clients. And any ISPs > so annoyed are welcome to configure SA not to implement signature > checks.
I think the real question is: "Is there a benefit to doing this?" You are creating a rule with a negative score. Negative scoring rules are for the purpose of preventing false positives. Are you having a problem with signed emails being marked as spam? If not, this rule will just increase your processing time by some amount and give you no benefit. This rule will only be helpful under the following conditions: 1) The message is not spam 2) SA would score the message as spam without this rule 3) The message has a valid signature This is the type of rule which may be useful sometime in the future when everyone starts signing their emails, but for now, I would suspect that this rule will hit very few emails. -- Bowie
