On Mon, 22 Mar 2004, Dennis Boone wrote:

> Like a lot of folks I suppose, we're fighting the issue of forged from
> addresses and list posting, caused mostly by the spam and virus plague.
> For now, the solution is obvious if tedious: use "send= blah,confirm".
>
> I'm wondering if there's any support planned for letting posters
> (or editors or ...) sign messages using public-key schemes.  This would
> let us go back to single phase posting, getting a large number of
> people off my back. (:-)

We've implemented a private key system for two of our announce-only lists.
What we are doing would not be feasible for a larger list -- but it works.

The process is easy enough:

The originating system generates e-mail and adds special headers with a
copy of the sender's public key and a cryptographic header (encoded with
the sender's private key and the public key for the list and based on
parts of the message). The receiving system passes the email through a
filter that checks for the special header and matches it against the
proper parts of the message using the private key for the list and the
public key from the sender. If it fails, the message is silently dropped.
If it clears, the filter removes the special headers and passes it off to
LISTSERV.

It works great -- no spam messages or other spurious messages to the list
to the list maintainer, no need for any verification or validation. Users
can't see anything, so no questions about "funny headers."

On the negative side, I am not allowed to share code beyond what I've
written above.

PK is a great idea, but it would be tremendously difficult to do with a
large list and a variety of people contributing. It's much more easily
done when you have something like an announce list.

-- DCP