Mail was designed as a gullable system, and this is generally abused
by spammers. Fighting spam is a balancing act between failures to
accept and reject. With the more refined identity model of the
IdentityHub, we have new tools to strike a better balance.
OpenPGP is a powerful technology for signing and encryption, because it
does not imply a stiffling key infrastructure. Instead, it uses a
Web Of Trust that is flexible... and complicating for new users. We now
introduce an approach to securely use OpenPGP without even that.
DKIM is the technology that signs a message and some of its headers
at a mail server en route; mostly this is done by the originator of
the email. One problem remains that slows down its introduction as a
hard filter, and that is email handling that edits the message and then
forwards it, as is common for email lists. This article nails the
integration of DKIM with forwarding.