[SPAM -0.4] Re: PGP

From: Jim Hart <jim_at_nyob>
Date: Fri, 28 Oct 2016 19:15:02 -0400
To: CODE4LIB_at_LISTS.CLIR.ORG 
Spam detection software, running on the system "avery.infomotions.com",
has identified this incoming email as possible spam.  The original
message has been attached to this so you can view it or label
similar future email.  If you have any questions, see
eric_morgan_at_infomotions.com for details.

Content preview:  Depending on the client, the default security may be something
   other than PGP. Thunderbird comes to mind. I think it uses SSL. Gmail uses
   TLS. Yahoo! uses DKIM. Not that PGP can't be added as a plug-in or extension,
   sometimes (e.g. Thunderbird), but that may be beyond the capability (and
  willingness) of many people. [...] 

Content analysis details:   (-0.4 points, -1.0 required)

 pts rule name              description
---- ---------------------- --------------------------------------------------
-0.6 RP_MATCHES_RCVD        Envelope sender domain matches handover relay domain
 1.5 SUBJ_ALL_CAPS          Subject is all capitals
-0.0 SPF_HELO_PASS          SPF: HELO matches SPF record
 0.0 T_HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail
                            domains are different
 0.0 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail
                            domains are different
-0.0 SPF_PASS               SPF: sender matches SPF record
 0.5 RCVD_IN_SORBS_SPAM     RBL: SORBS: sender is a spam source
                            [74.201.84.163 listed in dnsbl.sorbs.net]
-1.9 BAYES_00               BODY: Bayes spam probability is 0 to 1%
                            [score: 0.0000]

attached mail follows:

Depending on the client, the default security may be something other 
than PGP. Thunderbird comes to mind. I think it uses SSL. Gmail uses 
TLS. Yahoo! uses DKIM. Not that PGP can't be added as a plug-in or 
extension, sometimes (e.g. Thunderbird), but that may be beyond the 
capability (and willingness) of many people.

I'd love to encrypt some of my email, but haven't been able to get 
agreement from even my most savvy acquaintances.

Let us know how it goes if you decide to tackle it.


James A. (Jim) Hart
Board of Trustees
Albert Church Brown Memorial Library
China Village, Maine, USA


On 10/28/2016 06:10 PM, Bigwood, David wrote:
> I've been thinking about privacy lately. It seems to me much more email should be encrypted. Many communications from the library might be personal and potentially damaging. Email from the library showing overdues, or holds might be sensitive. Would it be possible for our email systems to ask for a public PGP key along with email and then use that whenever sending out notices? Should my hospital, insurance company, bank, and so on be doing the same? Just asking, maybe we could take the lead on privacy in this area.
>
> David Bigwood
> dbigwood_at_hou.usra.edu
> Public PGP Key: http://pgp.mit.edu/pks/lookup?op=vindex&search=0x52B602E601695F10
> Lunar and Planetary institute
>
Received on Fri Oct 28 2016 - 19:15:22 EDT

URL: http://serials.infomotions.com/code4lib/