* on the Tue, Apr 08, 2014 at 10:41:11PM +0100, Klaus Ethgen wrote:
>> Write a simple script which can handle the verification, and invoke it
>> via ${run...} in the ACL hooked up to the DATA command, to be run after
>> "CRLF.CRLF" is received and before the response is sent.
>
> This is not that simple. What if the mail is signed _and_ encrypted?
> Usually the encryption is done outside and the signature is inside.

That is not correct. With PGP, we always sign the ciphertext. We don't
encrypt signed plaintext. (*)
> Another problem is for mime signatures that can include several
> multipart parts. Inline signatures are easy but seldom seen today.

Mail::GnuPG is a very simple Perl module that will handle OpenPGP
operations on multipart MIME emails. A Perl script to verify such
an email would probably be about half a dozen lines of code.

(*) If we signed *then* encrypted, then it would allow attacks such as:

1.) You send me a signed email that is encrypted with my public key. I
decrypt, re-encrypt with somebody else's public key and forward on to
them. Now it looks like you sent the message to them instead of me.

2.) You send a signed but unencrypted email to somebody. I intercept
and encrypt it with their public key and forward on. Now they think
the message was encrypted along the entire path, but it wasn't.

--
Mike Cardwell https://grepular.com https://emailprivacytester.com
OpenPGP Key 35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F
XMPP OTR Key 8924 B06A 7917 AAF3 DBB1 BF1B 295C 3C78 3EF1 46B4
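
An added example, not part of the original message or of Exim: a Python sketch of the triage step a DATA-time verification script would need before calling GnuPG, sorting a message into the layouts the thread mentions (RFC 3156 multipart/signed, multipart/encrypted, inline). The function name, the `ACTION` table and the sample messages are constructed for illustration.

```python
import email
from email import policy

def classify(raw: str) -> str:
    """Return the OpenPGP layout of a message as an MTA sees it at DATA time."""
    msg = email.message_from_string(raw, policy=policy.default)
    ctype = msg.get_content_type()
    proto = (msg.get_param("protocol") or "").lower()
    if ctype == "multipart/signed" and proto == "application/pgp-signature":
        parts = msg.get_payload() if msg.is_multipart() else []
        # RFC 3156: exactly two parts, signed content then detached signature.
        if len(parts) == 2 and parts[1].get_content_type() == "application/pgp-signature":
            return "mime-signed"
        return "malformed"
    if ctype == "multipart/encrypted" and proto == "application/pgp-encrypted":
        return "encrypted"
    for part in msg.walk():
        if part.get_content_maintype() != "text":
            continue
        body = part.get_content().lstrip()
        if body.startswith("-----BEGIN PGP SIGNED MESSAGE-----"):
            return "inline-signed"
        if body.startswith("-----BEGIN PGP MESSAGE-----"):
            return "encrypted"
    return "unsigned"

# What a hypothetical DATA-time hook could do with each layout.
ACTION = {
    "mime-signed": "verify detached signature over part 1",
    "inline-signed": "verify clearsigned body",
    "encrypted": "skip: only ciphertext is visible without the recipient's key",
    "malformed": "reject or tag",
    "unsigned": "skip",
}

# Constructed sample messages (not taken from the thread).
SIGNED = (
    'Content-Type: multipart/signed; protocol="application/pgp-signature"; boundary="b"\n\n'
    "--b\nContent-Type: text/plain\n\nhello\n"
    "--b\nContent-Type: application/pgp-signature\n\nPLACEHOLDER\n--b--\n"
)
ENCRYPTED = (
    'Content-Type: multipart/encrypted; protocol="application/pgp-encrypted"; boundary="b"\n\n'
    "--b\nContent-Type: application/pgp-encrypted\n\nVersion: 1\n"
    "--b\nContent-Type: application/octet-stream\n\nPLACEHOLDER\n--b--\n"
)
INLINE = "Content-Type: text/plain\n\n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nhi\n"

if __name__ == "__main__":
    for name, raw in [("signed", SIGNED), ("encrypted", ENCRYPTED), ("inline", INLINE)]:
        print(name, classify(raw), "->", ACTION[classify(raw)])
```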