Re: [exim] automagic GnuPG handling

Páxina inicial
Borrar esta mensaxe
Responder a esta mensaxe
Autor: W B Hacker
Data:  
Para: exim users
Asunto: Re: [exim] automagic GnuPG handling
Daniel Aleksandersen wrote:
> Ted Cooper wrote:
>> Daniel Aleksandersen wrote:
>>> My first posting.
>>>
>>> Can exim4 handle GnuPG automagically? What I am imagining is the
>>> following two senarios:
>>>
>>> outgoing messages > check if recipient’s public key is known > encrypt
>>>> send message as normal
>>> incoming messages > check if message is encrypted and sender’s public
>>> key is known > decrypt > save message as normal
>>>
>>> Is this within exim’s capabilities?
>>>
>>> Can anyone please advise on how to implement this?
>> This is a MUA problem, not an MTA problem. There are a number of plugins
>> for each of the usual MUAs that allow you to do this.
>>
>> eg. Thunderbird has Enigmail
>
> I specifically intended for the server to handle the encryption instead of the client.


Then closest you can do is store each user's public key, build an
router/transport set that can utilize it, and place the whole shebang
into the mailstore encrypted.

Forget the far-end being able to do anything useful with such!

You'll them have to code-up either aPOP/IMAP deamon or a new MUA that
cna get it TF *back out again* in usable form, 'coz the headers and such
will be encrypted also.

Much easier to put the mailstore atop an OS-encrypted fs, (Exim won't
know or care..)

... and/or establish a specialty 'inter/intra office' net of smtps-only
servers that epeak only to each other. Easier to just put staff in all
offices onto ONE server, use SSL/TLS submission & POP/IMAP, and deny
off-net traffic to those in-house accounts. A road very well-traveled.

Otherwise - as stated - *PG or SMIME is an MUA's task if you want any
sort of interoperability at all. Or sleep.

Further - it distributes the not-insignificant workload of
encryption/decryption - not to mention key management and support - over
many user CPU and their local support staff instead of one server and
one mailadmin (team)...

You do need to sleep now and then, do you not?

Bill