Hi everyone, A little over a year ago I asked (on this list) [0] about a solution for secure, remote access via email. The only existing solution that seemed to do what I wanted was grunt [1], by our own John Goerzen [2], but it has virtually no documentation [3], so in the time-honored *nix tradition, I decided to roll my own. I figured it would be a great way to teach myself some Perl, which it was, and I also learned a bit about the gory details of OpenPGP, gpg, and MIME types. It is now a full blown (and fully documented) project hosted on Sourceforge [3].
In brief, Mailmin is basically a specialized MDA. Your MTA, MDA, or MRA passes Mailmin mail to Mailmin. Mailmin uses gpg to decrypt the message and verify the signature. It then invokes the shell to process any commands contained therein (it can also do file transfer to and from the remote system via special Mailmin directives). The output is placed into the body of an outgoing message, gpg is once again invoked to sign and encrypt the message, and it is then sent via sendmail (or a sendmail drop-in). Mailmin is a Perl script. It isn't (yet?) a Debian package, but its dependencies are all in the official repos. It is currently a fully functional beta release. I would love to get any feedback from any of you Perl / mail / OpenPGP gurus out there, as well as from regular users. I obviously care most about any security mistakes I may have made, but I am also interested in bugs in general, as well as feature requests, usability issues, and anything else. You can contact me on or off the list. Note that I myself am *not* a Perl / mail / OpenPGP guru, so be careful! Celejar [0] http://lists.debian.org/debian-user/2006/01/msg00463.html [1] http://packages.debian.org/unstable/source/grunt [2] http://people.debian.org/~jgoerzen/ [3] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=250664, http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=252989 [3] http://mailmin.sourceforge.net -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
