On Mon, 15 Oct 2007 13:26, malayter@gmail.com said:

The real solution would be for SpamAssasin to check that the PGP messages are well-formed, and verify signatures on any PGP message before altering its score. A tad CPU intensive, I think, and it poses

FWIW, a few weeks ago I received the first PGP signed spam. The signature was good and I believe that it was sent using a trojan utilizing the local MUA which was configured to sign all outgoing mail. Shalom-Salam, Werner -- Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users --- end forwarded text -- ----------------- R. A. Hettinga <mailto: rah@ibuc.com> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'