Multiple "clean" signatures --- Fixed
Tal Kelrich
tal at MUSICGENOME.COM
Thu Jul 18 09:37:43 IST 2002
On Wed, 2002-07-17 at 18:53, Julian Field wrote:
> It now uses the presence of the "X-MailScanner:" header to work out if it
> should sign it or not. If the header is already there, it will assume it
> has already been signed and will not sign it again.
>
> I know this is easy to defeat by users adding fake "X-MailScanner:" headers
> to their mail, but since signing is not a vital function I didn't think it
> really mattered, and there is no way to do it otherwise (if you have
> messages passing through more than 1 MailScanner server). If you have
> changed the "X-MailScanner:" header to some other name, you will obviously
> need to be consistent across your site for this feature to work. (Otherwise
> it doesn't know what header to look for!)
just as a clarification, it now works like this?
1. header: Clean, message clean, doesn't sign.
2. header: clean, message infected, sign infected.
3. header: infected, message clean, sign clean.
4. header: infected, message infected, doesn't sign.
4. no header, clean, sign clean.
5. no header, infected, sign infected.
--
Tal Kelrich
PGP Fingerprint: 3EDF FCC5 60BB 4729 AB2F CAE6 FEC1 9AAC 12B9 AA69
PGP key-id: 12B9AA69
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 240 bytes
Desc: This is a digitally signed message part
Url : http://lists.mailscanner.info/pipermail/mailscanner/attachments/20020718/f153283d/attachment.bin
More information about the MailScanner
mailing list