>>>Hmmm... So how will sharing public keys stop spammers from using your
>>>(or the list's) email address?
>>
>>I was thinking about this the other day. Would it be possible to make a
>>secure mailing list?
Sounds less like an issue with an insecure mailing list than just a mail with a
forged from header.
>>So lets say that the list had a GPG key, and all the users had GPG
>>keys. Now if the user, when sending an e-mail to the list, used the
>>list's key and encrypted the message with that key. Then, when the list
>>manager got the message, it decrypted it, checked the signature, and
>>then reencrypted it to all the users on the list. (I'm assuming
>>everyone sends their public key as part of the mailing list sign up)
>>
>>Would that be a secure list?
Secure, yes, good for the mail server, probably not as the load on the server
would be much higher.
> How would one browse the archives of encrypted messages?
One couldn't without the servers private key.
> Another questions it made me think of is would this prevent spammers from
> stealing email addresses?
It wouldn't and doesn't stop them from using the list address as the reply-to
(same thing with worms and viruses as they also forge headers).
> I'm thinking the encryption is only done on the message content, would
> someone please correct me if I'm mistaken?
Correct as the other mail servers have to know how to route the message and they
can't do that on encrypted headers.
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
(text/plain)