Multiple "clean" signatures --- Fixed

Tal Kelrich tal at MUSICGENOME.COM
Thu Jul 18 09:37:43 IST 2002


On Wed, 2002-07-17 at 18:53, Julian Field wrote:
> It now uses the presence of the "X-MailScanner:" header to work out if it
> should sign it or not. If the header is already there, it will assume it
> has already been signed and will not sign it again.
> 
> I know this is easy to defeat by users adding fake "X-MailScanner:" headers
> to their mail, but since signing is not a vital function I didn't think it
> really mattered, and there is no way to do it otherwise (if you have
> messages passing through more than 1 MailScanner server). If you have
> changed the "X-MailScanner:" header to some other name, you will obviously
> need to be consistent across your site for this feature to work. (Otherwise
> it doesn't know what header to look for!)
just as a clarification, it now works like this?

1. header: Clean, message clean, doesn't sign.
2. header: clean, message infected, sign infected.
3. header: infected, message clean,  sign clean.
4. header: infected, message infected, doesn't sign.
4. no header, clean, sign clean.
5. no header, infected, sign infected.

-- 
Tal Kelrich

PGP Fingerprint: 3EDF FCC5 60BB 4729 AB2F  CAE6 FEC1 9AAC 12B9 AA69
PGP key-id: 12B9AA69
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 240 bytes
Desc: This is a digitally signed message part
Url : http://lists.mailscanner.info/pipermail/mailscanner/attachments/20020718/f153283d/attachment.bin


More information about the MailScanner mailing list