X-Sig

X-Sig

X-Sig: An Email Signing Extension for the Simple Mail Transport Protocol (SMTP)

X-Sig is:

A way to know exactly who is sending you email
A way to reduce/eliminate spam email

Spammers rely on open relays and invalid return email addresses to generate spam
If you could verify exactly where an email is coming from, spamming would no longer be an anonymous practice

X-Sig is NOT:

An email protection mechanism (encrypt the message itself)
Creating something that is complicated
Creating something that is not backwards-compatible with everything out there today

Documentation

Postfix Signing Implementation

Automated signing has been implemented as a Postfix filter.

Installation Guide: x-sig-postfix.pdf
Download: x-sig-postfix.tgz

The Postfix implementation requires Python 2.3 or greater and OpenSSL. See the installation guide for details.

Prototype Implementation

SquirrelMail 1.4.3a w/ X-Sig support: [sigmail.tgz] [diffs]
X-Sig sign/verify front-end for OpenSSL: [Sig.java]
Digmail key retrieval tool: [digmail.pl]
Mail server key provisioning tool: [sig.php]

Contact

X-Sig and the X-Sig prototype was conceived and written by Robert Rose, rose @.@ cafwap.net.

Copyright (c) 2004 Robert Rose