Testing for encryption. (fwd)
David Honig
honig at sprynet.com
Thu Feb 22 12:07:23 PST 2001
Re: preventing accidental cleartext from getting reflected:
If the mail agent blocks cleartext, great, your recipients won't ever
be sent cleartext by your reflector.
But we can make the problem harder if we care about someone sniffing the
careless
sender's message. To prevent this, you can either use an online-SSL
system, or you can insist that your members set their email crypto plugin to
*always encrypt* when sending to your list.
If you're actually building an encrypted-only-remailer, may be able to save
participants
some tedium by having the remailer have one key for the
list-submission-address, and resending messages with individual
subscribers' key. Otherwise each subscribe must use a feature called
"Groups" in PGP's Eudora Plugin 6.x (which they may not have if e.g., they
use command line versions) and *each has to maintain a local copy of the
membership list*, which defeats
the purpose of using a remailer.
Actually these functions belong in the listserver (remailer) not the SMTP
agent.
1. filter on:
list of acceptable substrings such as headers, 'CDR:' tokens, etc.; and/or
entropy threshold and/or;
recognized digsigs from members of the list
2. decrypt
3. for each list member
encrypt msg from previous step and send
.......
"What company did you say you were from, Mr. Hewlett?"
---Walt Disney to Bill Hewlett eetimes 22.01.01 p 32
More information about the cypherpunks-legacy
mailing list