Log in

No account? Create an account
Damn those spammers - Nick [entries|archive|friends|userinfo]

[ website | gagravarr.org ]
[ userinfo | livejournal userinfo ]
[ archive | journal archive ]

Damn those spammers [May. 30th, 2004|08:29 pm]
Just now, I got a most enterprising spam (which I'll happily email to anyone who's interested). Multipart MIME message, plain text part which contained a PGP signature, HTML part with the spam message, and a GIF.

The GPG signature was forged, but claimed to be from someone respectable looking and moderately present in the web of trust.

So, I guess spamassassin is now going to have to check for valid GPG signatures, rather than just them being present. Bah

Update: Alex Gough has pointed out that he thought of something like this a little while ago. I guess the difference to his idea is scale, but only a matter of time - not everyone has PGP keys, but many more people have spamassassin (or similar) which regard PGP signatures as a good sign. Any bets on how long until his idea does actually happen?