David Gibbs a écrit : > Bill Landry wrote: >> This may be true if the sender were adding the footer before signing and >> sending the message to the list. However, not true if it's the mailing >> list that is adding the footer after the original sender has already >> signed the message. > > As I understand it, in order for the signatures to be valid, the message has > to be signed by the sender ... because most mailing list software adds > headers. > > Mailman has specific functionality to remove signature headers so that the > message can be resigned as it's sent out. >
which doesn't help, because if I get mail claiming to come "From: <mo...@netoyen.net>", yet it doesn't have a sig of mine, I don't really care if some fancy mailman owner has added his own. if all it takes is to claim to be a "mailman", then I can fake all signatures of the whole internet by adding mailman headers.
