[mike-cardwell]

I care about my reputation, therefore I would not use Posterous.

There's nothing stopping Posterous keeping it working exactly the same way, but providing an additional layer of protection for users who want to lock down their blog.

1.) Don't publish emails unless they passed DKIM

2.) Don't publish emails unless they passed SPF

3.) Don't publish emails unless they contain a secret password

4.) Don't publish emails unless they're signed with my PGP key.

Any of the above would be enough. It's all about choice.

[rantfoil]

We do a mix of these things. In this specific case, it failed. We're investigating.

[mike-cardwell]

Cool. Would it be possible for me as a user to specify that only PGP signed emails should be auto-posted, and everything else should be subject to a confirmation email?

That would be the ideal scenario for me personally...

[rantfoil]

That's a good idea. What I want is some end-user-friendly PGP-like solution. If it existed in a form that we knew millions of users already were used to using, or that we could roll out -- we would do it in a heartbeat.

Have to think about normals on it though. It's not good enough to think about tech savvy people like us.

But for those who care, it might be the best way. Thanks.