letoams / openpgpkey-milter Goto Github PK
View Code? Open in Web Editor NEWOpenPGP milter service to automatically PGP encrypt plaintext emails when possible
License: GNU General Public License v3.0
OpenPGP milter service to automatically PGP encrypt plaintext emails when possible
License: GNU General Public License v3.0
I just managed to get this to work, after changing RRtype to 61 and removing base64 decoding of the keys.
My question, is this considered to be experimental only and forever, or will there be an update that can deal with multipart messages (especially, pgp signed messages delivered from an email client) and maybe dlv (I still need to use dlv.isc.org trust anchor...)?
I understand that real end-to-end encryption requires client side encryption, but I think this milter is interesting if the mail server is trusted (e.g. for companies).
Hi
I wondor of a simple configuration may be possible, two options come to mind
Would that be possible?
Besides that, it works great. I love it.
Hi,
First I want to say that I am by no means a packaging expert and just created my own Debian package by running debuild -us -uc
inside the debian
subdirectory of this repository. I installed the resulting package on my Raspbian installation and I noticed it was already running on localhost:8890
, but after configuring postfix to use this inet socket (before DKIM) I noticed that only PGP signed or encrypted mails were passed, as indicated by the added X-openpgpkey: Message passed unmodified
headers to my mails.
Plain messages were not encrypted and resulted in errors in my /var/log/mail.log:
Jul 9 15:51:55 heimdallur postfix/cleanup[11837]: D5AB81F37A: milter-reject: END-OF-MESSAGE from localhost[127.0.0.1]: 4.3.0 pymilter: untrapped exception in pythonfilter; from=<[email protected]> to=<[email protected]>
After inspection I noticed that openpgpkey-milter was missing the python-setproctitle
dependency and was also missing its /var/spool/openpgpkey-milter
spool directory. After I installed the dependency and created its spool directory mails were finally encrypted properly as shown below.
Jul 9 16:04:33 heimdallur openpgpkey-milter: Received DNSSEC secured OPENPGPKEY for [email protected]: Key-ID:394C398C531EFAB0 Fingerprint:2A9DF1D597A0539033C9B3EB394C398C531EFAB0 Jul 9 16:04:33 heimdallur openpgpkey-milter: Will encrypt message to fingerprints:2A9DF1D597A0539033C9B3EB394C398C531EFAB0
Could the dependency be added to the debian/control
file, and the /var/spool/openpgpkey-milter
be created after installation? That would really help. :-)
Would be nice if this tool supports WKD.
It is not always possible to set an OPENPGPKEY DNS record, and WKD is at least in my opinion much more easier to deploy.
https://wiki.gnupg.org/WKD
https://wiki.gnupg.org/WKDHosting
If you receive a S/MIME encryptet message (SMIMEA) no PGP encryption should be used. I added the following lines after the "# ### TODO ADD SUPPORT FOR MIME / ATTACHMENTS ####" block
# Protect against super-encryption
if "application/octet-stream" in msg["Content-Type"] and \
".p7m" in msg["Content-Type"] or \
"application/x-pkcs7-mime" in msg["Content-Type"] or \
"application/pkcs7-mime" in msg["Content-Type"]:
syslog('%s: Message already encrypted with S/MIME - letting it ')
return Milter.CONTINUE
In my case it works and I can combine openpgpkey-milter with smilla
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.