So? They are doing it already... and it is not a whitelist, each message posted to the list need to be signed and the signature must be valid... only the sender with his public key can sign... posting under somebody's fake e-mail won't do...On Mon, 2004-02-09 at 16:53 +1200, Franck Martin wrote: > I wonder if we could add to this list, that non digitally signed e- > mails and invalid digitally signed e-mails get held for approval. I don't think that will scale too well when the list gets active. And white-listing someone once they're been approved gives the spammers a tidy list of which sender addresses to fake.
I'm not saying to reject non esig mails, but to held them for approval by moderators... If you want your post to go through quickly, sign it... It would be a worthwhile incentive..."Be liberal in what you accept" should apply to the IETF mail server as well. > > I would be nice that the IETF members of this list show the way by > enabling at least GPG or s/mime for digital signing of all their > messages to the list. Don't get me wrong: encouraging people to use pgp is a good idea, but making it a requirement before accepting it is a policy decision that the end user should be making, not the list.
Cheers
---- Franck Martin franck@xxxxxxxxx SOPAC, Fiji GPG Key fingerprint = 44A4 8AE4 392A 3B92 FDF9 D9C6 BE79 9E60 81D9 1320 "Toute connaissance est une reponse a une question" G.Bachelard |
Attachment:
signature.asc
Description: This is a digitally signed message part