diff options
author | Eric Wong <normalperson@yhbt.net> | 2014-04-03 20:28:30 +0000 |
---|---|---|
committer | Eric Wong <normalperson@yhbt.net> | 2014-04-03 20:28:30 +0000 |
commit | 6c775a61d97e0318e76443adb05f6b71a26a41c9 (patch) | |
tree | 4c8dfa42fc968a4ee90a7609065aefb2a68da521 /lib | |
parent | 1d885995ff2a8e7dc47504e5be60888d3dc06aa6 (diff) | |
download | public-inbox-6c775a61d97e0318e76443adb05f6b71a26a41c9.tar.gz |
We may keep PGP signatures for messages we do not modify. However, we have no way of verifying them on the server-side.
Diffstat (limited to 'lib')
-rw-r--r-- | lib/PublicInbox/Filter.pm | 28 |
1 files changed, 8 insertions, 20 deletions
diff --git a/lib/PublicInbox/Filter.pm b/lib/PublicInbox/Filter.pm index 64c31e8e..0b4dce87 100644 --- a/lib/PublicInbox/Filter.pm +++ b/lib/PublicInbox/Filter.pm @@ -148,27 +148,15 @@ sub strip_multipart { } else { $rejected++; } + } elsif ($part_type =~ m!\Aapplication/pgp-signature\z!i) { + # PGP signatures are not huge, we may keep them. + # They can only be valid if it's the last element, + # so we keep them iff the message is unmodified: + if ($rejected == 0 && !@html) { + push @keep, $part; + } } else { - # reject everything else - # - # Yes, we drop GPG/PGP signatures because: - # * hardly anybody bothers to verify signatures - # * we strip/convert HTML parts, which could invalidate - # the signature - # * they increase the size of messages greatly - # (especially short ones) - # * they do not compress well - # - # Instead, rely on soft verification measures: - # * content of the message is most important - # * we encourage Cc: all replies, so replies go to - # the original sender - # * Received, User-Agent, and similar headers - # (this is also to encourage using self-hosted mail - # servers (using 100% Free Software, of course :) - # - # Furthermore, identity theft is uncommon in Free/Open - # Source, even in communities where signatures are rare. + # reject everything else, including non-PGP signatures $rejected++; } }); |