lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
From: onedo at (
Subject: PGP signed mail? Has to be spam!

> That said, I agree, having a valid signature doesn't make a message not
> spam.  Having a valid signature from a *trusted* key is another story.  If
> we can't retirive your key from a public keyserver, we can never figure out
> if there is a trust path without asking you for a key first.  This doesn't
> work.  Use the keyservers, people.
> -Chris

The problem stays the same. The implication of my experience(and several of 
the list replies here) are:
If you want your mails to be delivered, abandon crypto. I do not like that at 

There were suggestions like contacting the admin of the receiving mail 
server(the one with the filter) and telling him that his spam filter better 
not delete signed mails, or telling my friend to tell her boss that she has 
problems with her business contacts due to signed mails being filtered out. 
Well, thats a theoretical approach imho. The company I'm refering to is the 
size of the swiss UBS bank. Good luck contacting their admins. And one 
employee complaining about the spam filter, I seriously doubt it would change 


Powered by blists - more mailing lists