To LUGNET HomepageTo LUGNET News HomepageTo LUGNET Guide Homepage
 Help on Searching
 
Post new message to lugnet.generalOpen lugnet.general in your NNTP NewsreaderTo LUGNET News Traffic PageSign In (Members)
 General / 45574
45573  |  45575
Subject: 
 Digitally Signed Email
Newsgroups: 
 lugnet.general
Date: 
 Wed, 18 Feb 2004 20:58:00 GMT
Viewed: 
 600 times
  
This is just the kind of email spoofing that makes digital signatures a good
idea.

Nowadays about 95% of email clients across a variety of OS's support S/MIME
digital signatures.  Verisign sells them for a yearly fee - but there are at
least two providers that give them away for personal use.

Here's a site with some information on getting a free digital ID - and some
other information on using them.

    http://www.marknoble.com/tutorial/smime/

If people signed their email you'd know when it was spoofed because it'd
arrive with no signature or an invalid one.

My favorite feature of S/MIME as opposed to other forms of email signing is
that it doesn't require the installation of third-party software to verify
the messages.  Since most people have S/MIME support in their existing mail
client, verification happens automatically.  You don't really have to know
how it works to benefit from knowing that the email really came from the
person who appears to have sent it - and that the message contents haven't
been altered.

NNTP newsgroup posts can also be S/MIME signed - I usually post this way in
the rec.toys.lego newsgroup.


"Mookie" <Mookie@tanarth.com> wrote in message
news:LAEJKFGCAJBFPIBHFEHLIEANCEAA.Mookie@tanarth.com...
What is happening is the virus is picking an address you'd trust, it's not
really coming from lugnet.  I have to keep trying to explain this at work • to
the users when it happens :)
(at least with some of the current virii that are out there right now) I'm
pretty sure this Netsky.B is doing the same thing.



Message has 1 Reply:
  Re: Digitally Signed Email
 
(...) Or simply SPF. (URL) No encryption needed, and it happens automagically behind the scenes. (...) Or, GPG signatures are *entirely* free. Any decent mail client should support that. (21 years ago, 19-Feb-04, to lugnet.general)

Message is in Reply To:
  RE: Virus Alert: Netsky.B spread by lugnet's mail service!
 
What is happening is the virus is picking an address you'd trust, it's not really coming from lugnet. I have to keep trying to explain this at work to the users when it happens :) (at least with some of the current virii that are out there right (...) (21 years ago, 18-Feb-04, to lugnet.general)

9 Messages in This Thread:


Entire Thread on One Page:
Nested:  All | Brief | Compact | Dots
Linear:  All | Brief | Compact

This Message and its Replies on One Page:
Nested:  All | Brief | Compact | Dots
Linear:  All | Brief | Compact
    
Custom Search

©2005 LUGNET. All rights reserved. - hosted by steinbruch.info GbR