XML Feeds
Gpg signed spam
I've just had my first ever gpg signed spam email. Yes it is gpg signed, and its signed correctly with a key that seems to not be mentioned anywhere ( or atleast papa google does not know about it ). These guys are still getting better and wiser. Whats next ?
Going to see how this shapes up over the next few days before dropping my gpg-header -> whitelist rule :/
15/Jun/2009 09:10:38 am, 
5 comments
Comment from: Frank [Visitor]
While it's possible that they're getting wiser, my bet would be that the spam was sent through a compromised system set up to autosign some or all outgoing mail, either through an outlook/thunderbird plugin, or on a local MTA.
15/Jun/2009 @ 10:11
Frank,
That is entirely possible - however I've had another 2 today ( so far ), all of them are a different key, and seem to have followed very different paths into my mailbox.
If it really is someone doing this as a spam effort, I am guessing that cpu cycles are no longer a major cost for these guys..
That is entirely possible - however I've had another 2 today ( so far ), all of them are a different key, and seem to have followed very different paths into my mailbox.
If it really is someone doing this as a spam effort, I am guessing that cpu cycles are no longer a major cost for these guys..
16/Jun/2009 @ 08:30
Comment from: Jon [Visitor] · http://jmtd.net/
Just adjust the whitelisting rule to only whitelist stuff signed with known keys (known as in exists, if you can afford the lookup)
31/Jul/2009 @ 10:15
Boris,
I dont really want to make it easier to ID me.
I dont really want to make it easier to ID me.
21/Nov/2009 @ 06:58