> If the person doing the verifying is a human, they don't need the stamp
That was my thought too. Can it be improved? If there is an API to create a unique key based on the contents of the message (and the headers) that the client can then verify with centmail (or w/e).
Sure it wont do anything for mail NOT covered with centmail. BUT you can dump anything with a faked key (likely spam) and let in those with a real key. Then anything else goes to the spam filter as usual.
Kinda like a more worldly version of PGP signing.
Obviously that kind of scheme would require much more support from email vendors.
That was my thought too. Can it be improved? If there is an API to create a unique key based on the contents of the message (and the headers) that the client can then verify with centmail (or w/e).
Sure it wont do anything for mail NOT covered with centmail. BUT you can dump anything with a faked key (likely spam) and let in those with a real key. Then anything else goes to the spam filter as usual.
Kinda like a more worldly version of PGP signing.
Obviously that kind of scheme would require much more support from email vendors.