Haren writes: > If SMTP server uses certification authentication > to trace all messages easily. And each mail adds > the SMTP's server's public key and then is > signed by the SMTP on the message, so when you > receive it you know if the signature does not verify > it has been tampered. This is a truckload of additional overhead, though. Not only that, but even a slight modification of the signed text will invalidate all the signatures. Then what?