Re: Execution of signed scripts received by e-mail

Steffen Zahn <zahn@berlin.snafu.de> writes:
Matt> Get one input line at a time, and look for Reply-To: and
Matt> From: headers to get a reply address. As we are slurping up
Matt> lines, watch for '-----BEGIN PGP' lines. If it is for
I suggest ignoring Reply-To: etc and requiring a return address inside the signed region of the mail, otherwise someone could intercept the mail (suppressing the original) and resend it from his account and the results would get sent to the interceptor.
This is a very good suggestion. I'll change emscrypt to use this.
Another idea would be to extract the return address from the PGP userid which signed the script.
I see that Mark M. has already commented on this, but I'll also add that I didn't want to limit the reply to the address attached to the key. For example, I have several accounts spread around, and I might want the replies to go to any one of them.
Regards Steffen
Thanks for the input.
--Matt
--
mcarpent@mailhost.tcs.tulane.edu
participants (1)
- Matt Carpenter
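The suggestion discussed in this message, taking the reply address only from inside the signed region, sketched as an added example (this is not emscrypt's code and not from the thread). The `Return-Address:` field name and the sample mail are assumptions; the sketch only locates the address, so it must be applied to text whose signature PGP has already verified.

```python
import re

BEGIN_MSG = "-----BEGIN PGP SIGNED MESSAGE-----"
BEGIN_SIG = "-----BEGIN PGP SIGNATURE-----"
# Hypothetical in-body field name; the thread does not give emscrypt's syntax.
FIELD = re.compile(r"^Return-Address:\s*(\S+@\S+)\s*$", re.IGNORECASE)
ADDR = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+")

# Constructed sample: a resent copy whose headers name a different account.
RESENT = """From: mallory@example.net
Reply-To: mallory@example.net

-----BEGIN PGP SIGNED MESSAGE-----

Return-Address: alice@example.org
echo hello
- -----not an armor line
-----BEGIN PGP SIGNATURE-----
(signature placeholder)
-----END PGP SIGNATURE-----
Return-Address: mallory@example.net
"""

def signed_region(mail_text):
    """Lines of the first clearsigned region, or None if absent or malformed."""
    lines = [l.rstrip() for l in mail_text.splitlines()]
    try:
        start = lines.index(BEGIN_MSG)
        end = lines.index(BEGIN_SIG, start + 1)
    except ValueError:
        return None
    body = lines[start + 1:end]
    if "" not in body:
        return None
    # Drop optional armor headers (e.g. "Hash: ...") up to the blank separator.
    body = body[body.index("") + 1:]
    # Undo dash-escaping: "- -----x" in the mail was "-----x" in the signed text.
    return [l[2:] if l.startswith("- ") else l for l in body]

def reply_address(mail_text):
    """Address found inside the signed region only; None means send no reply."""
    # Mail headers and anything after the signature block are never consulted.
    region = signed_region(mail_text) or []
    found = [m.group(1) for m in map(FIELD.match, region) if m]
    # Require exactly one well-formed address; refuse rather than guess.
    if len(found) != 1 or not ADDR.fullmatch(found[0]):
        return None
    return found[0]
```
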