Re: [exim] accepting email authenthicating on GPG/PGP signat…

Top Page
Delete this message
Reply to this message
Author: Mike Cardwell
Date:  
To: exim-users
Subject: Re: [exim] accepting email authenthicating on GPG/PGP signature
* on the Mon, Mar 03, 2014 at 05:58:49PM +0100, Leonardo Boselli wrote:

> Is possible to authenthicate the acceptance of e-email based on the GPG
> signature, that is every message has a GPG signature, if the message
> is signed by someone that is in the public keyring of MTA, and the
> gignature is verifiesm, it is accepted, else is refused ?


I did something similar in the past (contract work), but with S/MIME
rather than PGP, and it just added a header to the email if S/MIME
verification passed, rather than using it for authentication.

I suspect it would be quite easy to write an embedded Perl script to do
this using Mail::GnuPG. In Exim in the DATA ACL you would check if
$message_body contains "-----BEGIN PGP SIGNATURE-----" and if it does,
feed $message_headers and $message_body into the script.

-- 
Mike Cardwell  https://grepular.com/     http://cardwellit.com/
OpenPGP Key    35BC AF1D 3AA2 1F84 3DC3  B0CF 70A5 F512 0018 461F
XMPP OTR Key   8924 B06A 7917 AAF3 DBB1  BF1B 295C 3C78 3EF1 46B4