[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On Sunday 21 August 2005 11:41 am, David Bell wrote: > On Sunday 21 Aug 2005 11:26, Neil Williams wrote: > > e.g. mine is: > > KDE 3.3.2 > > KMail 1.7.2 (running inside Kontact) > > Same here. I merely don't want split screen message displays ? You mean the preview window? > and having to > either select the 7 bit plain text version, I think your preview window is too small ! :-) > or scroll down the screen if > the message is more than a few as lines; as the screen is mostly filled > with "message displyed with unknown key .....". To reduce that message to just two lines, you could install gpg, check the box in KMail and let gpg retrieve keys automatically. Then it would be a two line yellow notice instead of the longer purple-ish one. Of course, I would say that - I'd like everyone to only ever use signed email! email without a signature is like junk mail sent to Dear Sir/Madam - they've got no idea who you are and I've got NO idea if your email really comes from you. Anyone can send email from David Bell mumble@xxxxxxxxxxxxxxxxxxxxxx The list doesn't know any better, so anyone at all can pretend to be you on the list and anywhere else. I've done this before - as proof for those who didn't believe - it is trivially easy for me to send an unsigned email to this list as if it came from your email address. Nobody would be able to tell just from the default appearance in the window. You'd have to check the email headers quite carefully to find the change. How often does anyone actually do that? All I have to do is create a new Identity in KMail with your name and email address details and send to the list as that identity. Simple. Now try and send email pretending to be me - the lack of a signature gives the game away. But you don't sign, so how can I be sure that it really IS you sending your email? It could be Simon, or Robin or Lord Lucan even Bill Gates! Think of the problems of accountability, libel and identification. Think of the misunderstandings, the confusion, the sheer hassle of trying to prove to someone that it wasn't actually you who sent them an email from your address calling their parentage into question, etc. etc. The only way to protect yourself from that is to SIGN ALL EMAIL. If everyone you send to gets used to the fact that everything you send is always signed, they will notice one that is not signed and question it's source. Nobody can fake my signature without compromising the key so it provides complete assurance that anything signed with this key really was typed BY me. > Not to worry, if there ain't a simple solution I'll have to scratch around > for a different client. Thunderbird makes the signature less noticeable (which is one of the reasons I dislike using it for my own email). I would strongly recommend that you actually SIGN your own emails and give others some assurance that it really is you sending the email. There is no other method of giving such assurance. How do I know the message came from you? -- Neil Williams ============= http://www.data-freedom.org/ http://www.nosoftwarepatents.com/ http://www.linux.codehelp.co.uk/
Attachment:
pgpOYbH6I5TD4.pgp
Description: PGP signature