Greetings:

Is anyone aware of a way to modify sendmail to require a verified digital signature for all mail sent? This subject came up after a discussion of the possible repercussions of forged email through port 25. Even a good PGP user can't use manual encryption on a message-by-message basis as a defense for false mail attribution. For example, someone forges a defamatory message and signs your name to it. The recipient brings it to public attention and you try to claim "it doesn't have my PGP sig, therefore I didn't send it". The obvious counter is that you purposely failed to sign it to preserve your plausible deniability.

The only way this would work is if the system you're on won't accept mail unless accompanied by a digital signature, which would allow the user to claim innocence if it wasn't his sig. The mailer would also have to check the sig to ensure that it belongs to an authorized user on the system to prevent people from creating one-time keys just to appease the mailer and prevent their real sig from being used. Running this version of "SIGmail" (<-- note flashy new marketing name) on your system would seem to be a reasonable defense against claims of false attribution.

Has anyone done any work along these lines? Is there an obvious fault with a system which would operate in this manner?

Please don't misconstrue this as an attack on anon mail, which obviously needs to be preserved. What I'm interested in avoiding is mail forged with another user's name. All that's required to do a convincing job now is an account on the user's home system and some knowledge of ESMTP. Seems to me like this is a potential disaster waiting to happen.

Maybe the H.E.A.T. crew can solve this one . . . Fabio, we need you!

=D.C. Williams <dcwill@ee.unr.edu>
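
The acceptance rule proposed in the message above, as an added example that is not part of the original post and is not sendmail code: mail is accepted only if it carries a signature that verifies against the key registered for the claimed sender's account. Textbook RSA over small Mersenne primes stands in for PGP here (insecure, illustration only), and the names `AUTHORIZED`, `accept`, and the sample accounts are hypothetical.

```python
import hashlib

E = 65537  # public exponent shared by all toy keys


def make_key(p, q):
    # Toy textbook-RSA key from two primes: a constructed stand-in for a PGP key.
    return {"n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}


def digest(sender, body, n):
    # The claimed sender is bound into the signed data along with the body.
    data = f"{sender}\n{body}".encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n


def sign(key, sender, body):
    return pow(digest(sender, body, key["n"]), key["d"], key["n"])


def verifies(n, sender, body, sig):
    return pow(sig, E, n) == digest(sender, body, n)


# Constructed sample keys (Mersenne primes; far too small for real use).
ALICE = make_key(2**61 - 1, 2**89 - 1)
BOB = make_key(2**89 - 1, 2**107 - 1)
THROWAWAY = make_key(2**107 - 1, 2**127 - 1)  # one-time key, never registered

# Hypothetical registry kept by the mailer: local account -> public modulus.
AUTHORIZED = {"alice": ALICE["n"], "bob": BOB["n"]}


def accept(sender, body, sig):
    """Return (accepted, reason) for a submitted message."""
    if sig is None:
        return False, "unsigned"
    n = AUTHORIZED.get(sender)
    if n is None:
        return False, "unknown sender"
    # Verify only against the key registered for the claimed sender, so a
    # throwaway key or another user's valid key cannot satisfy the mailer.
    if verifies(n, sender, body, sig):
        return True, "ok"
    return False, "signature does not match sender's registered key"
```

Because the check uses only the registered key for the claimed sender, a message signed with a one-time key or with another authorized user's key is rejected the same way as an unsigned one.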