Mark Constable wrote:
> On Wednesday 09 January 2008 19:58:44 Alessandro Vesely wrote:
>>> If the MTA's local delivery agent handled the encryption,
>>> using a public key supplied by and from the user's homedir,
>>> it would eliminate any other user on the system from
>>> interfering with the messages. Sure, Google Mail engineers
>>> and hacked LDAs could intercept messages on contrived
>>> systems but, in general, once messages were encrypted
>>> then they would be safe from further prying.
>>
>> Of course you can do that using maildrop/openssl, e.g.
>>
>>     if (/^X-Encryption-Required: Yes/)
>>         xfilter "openssl smime -encrypt certificate.pem"
>
> This is pretty close but encrypts the complete message
> whereas I only want to encrypt the content body.
>
>> Where certificate.pem is readable by the server and has
>> also been imported in the client. Well, "openssl smime"
>> leaves something to be desired, as it eliminates all
>> existing headers. In any case, the headers won't be
>> encrypted, therefore the privacy that the client may
>> enjoy is slightly below secure pop3: an intruder on the
>> server will still be able to enumerate all received
>> messages.
>
> Thanks for your suggestion and I can now see that using
> maildrop to handle this is the way to go and I've done
> quite a bit of reading (never used PGP/smime before) but
> I can't get a grip on an easy/efficient way to get at
> just the body of a message at the point of local delivery
> through maildrop.
>
> Would anyone have an idea how I can get at the body of a
> message using maildrop or would I have to shell out to an
> external script/program?

openssl is already an external command, so using a wrapper script is the
way to go (if this is your road ;-p)
I would be interested to hear about this if it works for users. Thanks
in advance.
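
A sketch of the kind of wrapper script discussed above, added here as an example and not code posted by anyone in the thread: it reads the message on stdin as an xfilter does, moves the `Content-*` headers into the encrypted part, and keeps the remaining headers in clear (so the header exposure noted earlier still applies). The `-aes256` option and the function names are choices made for this example; `certificate.pem` is the file named in the thread.

```python
#!/usr/bin/env python3
"""maildrop xfilter wrapper: S/MIME-encrypt the body, keep the headers."""
import subprocess
import sys

CERT = "certificate.pem"  # recipient certificate, as named in the thread


def openssl_encrypt(entity):
    """Encrypt one MIME entity; returns S/MIME headers plus base64 body."""
    # -aes256 is an addition here: older OpenSSL releases default to a weaker cipher.
    # check=True: fail loudly instead of emitting an empty or plaintext message.
    return subprocess.run(["openssl", "smime", "-encrypt", "-aes256", CERT],
                          input=entity, stdout=subprocess.PIPE, check=True).stdout


def split_headers(head):
    """Split a header block into fields, keeping folded lines together."""
    fields = []
    for line in head.split(b"\n"):
        if fields and line[:1] in (b" ", b"\t"):
            fields[-1] += b"\n" + line   # continuation of the previous field
        else:
            fields.append(line)
    return fields


def encrypt_body_only(raw, encrypt=openssl_encrypt):
    """Return raw with its body replaced by an S/MIME enveloped part."""
    head, _, body = raw.replace(b"\r\n", b"\n").partition(b"\n\n")
    inner, outer = [], []
    for field in split_headers(head):
        name = field.lower()
        if name.startswith(b"content-"):
            inner.append(field)          # describes the body: goes inside
        elif not name.startswith(b"mime-version:"):
            outer.append(field)          # other headers stay in clear
    entity = b"".join(f + b"\n" for f in inner) + b"\n" + body
    smime = encrypt(entity).replace(b"\r\n", b"\n")
    # openssl's own MIME-Version/Content-* headers follow the originals.
    return b"".join(f + b"\n" for f in outer) + smime


if __name__ == "__main__":
    sys.stdout.buffer.write(encrypt_body_only(sys.stdin.buffer.read()))
```

Saved as an executable script (the path is up to you), it would replace the `openssl smime` command in the `xfilter` line quoted above.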