X-Sig: An Email Signing Extension for the Simple Mail Transport Protocol (SMTP)

X-Sig is:

  • A way to know exactly who is sending you email
  • A way to reduce/eliminate spam email
    • Spammers rely on open relays and invalid return email addresses to generate spam
    • If you could verify exactly where an email is coming from, spamming would no longer be an anonymous practice

X-Sig is NOT:

  • An email protection mechanism (encrypt the message itself)
  • Creating something that is complicated
  • Creating something that is not backwards-compatible with everything out there today


Postfix Signing Implementation

Automated signing has been implemented as a Postfix filter. The Postfix implementation requires Python 2.3 or greater and OpenSSL. See the installation guide for details.

Prototype Implementation


X-Sig and the X-Sig prototype was conceived and written by Robert Rose, rose @.@ cafwap.net.

Copyright (c) 2004 Robert Rose