A former client (who had moved from Notes to Outlook, god bless 'em) suffered a large financial hit when a bookkeeper received a late Friday afternoon urgent directive from the "CEO" (who was conveniently unavailable to confirm) to immediately, before EOB that day, wire transfer umpteen thousand dollars to a foreign bank account. The money was, of course, never seen again, and at least one department head's head rolled out the door as a collateral result.
Upon hearing this story I concluded that digital signatures could go a long way to preventing spearphishing attacks such as this one. Thus, if the bookkeeper had been required to act only upon receipt of an email digitally signed by the CEO, the bookkeeper would have seen that the received message was not digitally signed and would have rightfully refused to send the money on that basis.
So, to test this idea, I set up a policy in my own organization that forces the addition of digital signatures to all new messages. Then I discovered that, while this works great for messages addressed to internal (Notes) addressees, it causes a dialog to pop up whenever an external (Internet) address appears in the outgoing message address fields. The dialog box basically says that the sender doesn't have an appropriate (X.509) private key and cannot sign the message to the external addressee, and asks the sender to choose between sending the message unsigned or not sending it at all.
So, MY NEW IDEA: Enhance digital signature management so that admins can, by policy, supply the answer to the question in the outgoing dialog, so that all mail addressed to external users automatically goes out either unsigned or not at all, without bothering the user, while all mail addressed to internal users automatically includes the sender's digital signature.
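To make the proposed policy concrete, here is an added Python model of both halves of the idea (the sending-side policy answer and the bookkeeper's "act only on signed mail" rule); it is not code from the original post or from Notes, and the internal domain example.corp, the sender key flags and the two policy values are assumptions.

```python
from dataclasses import dataclass
from typing import List, Optional

# Constructed model (not from the original post or from Notes itself) of the
# proposed policy: sign everything to internal (Notes) addressees and let the
# admin pre-answer the "no X.509 key for external addressee" dialog.
INTERNAL_DOMAIN = "example.corp"             # assumed internal Notes domain
VALID_POLICIES = ("block", "send_unsigned")  # admin-supplied answer to the dialog

@dataclass
class Sender:
    address: str
    has_notes_key: bool = True   # Notes ID signs mail to internal addressees
    has_x509_key: bool = False   # X.509 private key needed for Internet addressees

@dataclass
class Decision:
    action: str                  # "send_signed", "send_unsigned" or "block"
    reason: str

@dataclass
class Message:
    from_header: str             # claimed sender (spoofable)
    signed_by: Optional[str]     # verified signer identity, None if unsigned

def is_internal(addr: str) -> bool:
    return addr.strip().lower().endswith("@" + INTERNAL_DOMAIN)

def signing_decision(sender: Sender, recipients: List[str],
                     external_policy: str = "block") -> Decision:
    """Decide one outgoing message under the 'sign all new mail' policy; the
    dialog fires if any address field holds an external address, so the whole
    message is decided at once."""
    if external_policy not in VALID_POLICIES:
        raise ValueError(f"unknown policy {external_policy!r}")
    externals = [r for r in recipients if not is_internal(r)]
    if not externals:
        if sender.has_notes_key:
            return Decision("send_signed", "all addressees internal; signed with Notes ID")
        return Decision("block", "signature required but no Notes key available")
    if sender.has_x509_key:
        return Decision("send_signed", "X.509 key present; signed for external addressees")
    if external_policy == "send_unsigned":
        return Decision("send_unsigned", f"no X.509 key for {externals}; policy sends unsigned")
    return Decision("block", f"no X.509 key for {externals}; policy refuses to send")

def may_act_on(msg: Message, required_signer: str) -> bool:
    """Receiving-side rule from the post: act only on mail whose verified
    signature belongs to the required signer; the From header is ignored."""
    return msg.signed_by is not None and msg.signed_by.lower() == required_signer.lower()
```

With the default "block" policy a message that mixes internal and external addressees is refused outright, which is the behaviour the dialog currently leaves to the user.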