Exim4: automatically GPG-encrypting messages to specific recipients
I'd like exim4 to automatically encrypt messages to a specific recipient with the recipient's GPG public key. I thought this was a common issue with an established solution, but surprisingly I could not find anything. When I asked elsewhere, the reply was in effect it's complicated. I'm barely a novice as far as exim4 is concerned. Any hints? Michael -- Michael Schuerig mailto:mich...@schuerig.de http://www.schuerig.de/michael/ -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/38806912.RZ2shR16cg@fuchsia
Re: Exim4: automatically GPG-encrypting messages to specific recipients
On Sun 06 Apr 2014 at 12:57:52 +0200, Michael Schuerig wrote: I'd like exim4 to automatically encrypt messages to a specific recipient with the recipient's GPG public key. I thought this was a common issue with an established solution, but surprisingly I could not find anything. When I asked elsewhere, the reply was in effect it's complicated. I'm barely a novice as far as exim4 is concerned. Any hints? There is something similar at http://thread.gmane.org/gmane.mail.exim.user/93314/focus=93423 -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/06042014124529.cc402c814...@desktop.copernicus.demon.co.uk
Re: Exim4: automatically GPG-encrypting messages to specific recipients
On Sun, 06 Apr 2014 12:57:52 +0200 Michael Schuerig michael.li...@schuerig.de wrote: I'd like exim4 to automatically encrypt messages to a specific recipient with the recipient's GPG public key. I thought this was a common issue with an established solution, but surprisingly I could not find anything. When I asked elsewhere, the reply was in effect it's complicated. I'm barely a novice as far as exim4 is concerned. Any hints? This isn't really the kind of thing that exim4 would normally get involved in. If security is necessary, you want it client-to-client, not just between servers. While you may be using exim4 on the same machine as your email client, this isn't the expected usage, and MITM attacks may happen in a network (or even within a computer, for that matter). Email clients do this sort of thing routinely (the mis-spelling is not mine, that really is the page name): https://securityinabox.org/en/thuderbird_encryption Some people may use multiple email clients on different computers, with the mail all sent out through a network server, as I do. It would be convenient to do all the configuration in one place, but less secure, and not many people work in this way. About the only ready-made single-point-configuration solution will probably be webmail based on the server. Squirrelmail can use GPG though I don't know how sophisticated it is. -- Joe -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140406125009.49ccd...@jretrading.com
Re: Exim4: automatically GPG-encrypting messages to specific recipients
On Sunday 06 April 2014 12:46:45 Brian wrote: On Sun 06 Apr 2014 at 12:57:52 +0200, Michael Schuerig wrote: I'd like exim4 to automatically encrypt messages to a specific recipient with the recipient's GPG public key. I thought this was a common issue with an established solution, but surprisingly I could not find anything. When I asked elsewhere, the reply was in effect it's complicated. I'm barely a novice as far as exim4 is concerned. Any hints? There is something similar at http://thread.gmane.org/gmane.mail.exim.user/93314/focus=93423 Thanks, I'll look into it and hope I'll understand the configuration details. Michael -- Michael Schuerig mailto:mich...@schuerig.de http://www.schuerig.de/michael/ -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/1838068.tklz92nIXU@fuchsia
Re: Exim4: automatically GPG-encrypting messages to specific recipients
On Sunday 06 April 2014 12:50:09 Joe wrote: On Sun, 06 Apr 2014 12:57:52 +0200 Michael Schuerig michael.li...@schuerig.de wrote: I'd like exim4 to automatically encrypt messages to a specific recipient with the recipient's GPG public key. I thought this was a common issue with an established solution, but surprisingly I could not find anything. When I asked elsewhere, the reply was in effect it's complicated. I'm barely a novice as far as exim4 is concerned. Any hints? This isn't really the kind of thing that exim4 would normally get involved in. If security is necessary, you want it client-to-client, not just between servers. While you may be using exim4 on the same machine as your email client, this isn't the expected usage, and MITM attacks may happen in a network (or even within a computer, for that matter). I don't intend to use it for personal mail. I want this for system- generated messages that are send to root. Those messages are already forwarded (/etc/aliases) to another user; in addition I'd like to send them to an (presumably) insecure email account hosted at a mail provider. Michael -- Michael Schuerig mailto:mich...@schuerig.de http://www.schuerig.de/michael/ -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/27943179.ye3H8oq7FM@fuchsia
Re: Exim4: automatically GPG-encrypting messages to specific recipients
On 2014-04-06, Michael Schuerig michael.li...@schuerig.de wrote: I don't intend to use it for personal mail. I want this for system- generated messages that are send to root. Those messages are already forwarded (/etc/aliases) to another user; in addition I'd like to send them to an (presumably) insecure email account hosted at a mail provider. Michael What about this (involves a simple Procmail ditty): http://www.marcus-povey.co.uk/2013/10/31/automatically-encrypt-system-emails/ -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/slrnlk2s8r.31c.cu...@einstein.electron.org
Re: Exim4: automatically GPG-encrypting messages to specific recipients
On Sunday 06 April 2014 15:23:23 Curt wrote: On 2014-04-06, Michael Schuerig michael.li...@schuerig.de wrote: I don't intend to use it for personal mail. I want this for system- generated messages that are send to root. Those messages are already forwarded (/etc/aliases) to another user; in addition I'd like to send them to an (presumably) insecure email account hosted at a mail provider. Michael What about this (involves a simple Procmail ditty): http://www.marcus-povey.co.uk/2013/10/31/automatically-encrypt-system- emails/ Thanks! That works very nicely. I always thought procmail wasn't for me as I only use desktop MUAs. Apparently I was mistaken. Michael -- Michael Schuerig mailto:mich...@schuerig.de http://www.schuerig.de/michael/ -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/4227358.zx6VL62iZf@fuchsia
Re: Exim4: automatically GPG-encrypting messages to specific recipients
On Sun 06 Apr 2014 at 18:18:18 +0200, Michael Schuerig wrote: On Sunday 06 April 2014 15:23:23 Curt wrote: On 2014-04-06, Michael Schuerig michael.li...@schuerig.de wrote: I don't intend to use it for personal mail. I want this for system- generated messages that are send to root. Those messages are already forwarded (/etc/aliases) to another user; in addition I'd like to send them to an (presumably) insecure email account hosted at a mail provider. Michael What about this (involves a simple Procmail ditty): http://www.marcus-povey.co.uk/2013/10/31/automatically-encrypt-system- emails/ Thanks! That works very nicely. I always thought procmail wasn't for me as I only use desktop MUAs. Apparently I was mistaken. How does procmail get called on all your *outgoing* mail? -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/06042014195427.9d7d1c98a...@desktop.copernicus.demon.co.uk
Re: Exim4: automatically GPG-encrypting messages to specific recipients
On Sunday 06 April 2014 19:55:34 Brian wrote: On Sun 06 Apr 2014 at 18:18:18 +0200, Michael Schuerig wrote: On Sunday 06 April 2014 15:23:23 Curt wrote: On 2014-04-06, Michael Schuerig michael.li...@schuerig.de wrote: I don't intend to use it for personal mail. I want this for system- generated messages that are send to root. Those messages are already forwarded (/etc/aliases) to another user; in addition I'd like to send them to an (presumably) insecure email account hosted at a mail provider. Michael What about this (involves a simple Procmail ditty): http://www.marcus-povey.co.uk/2013/10/31/automatically-encrypt-sys tem- emails/ Thanks! That works very nicely. I always thought procmail wasn't for me as I only use desktop MUAs. Apparently I was mistaken. How does procmail get called on all your *outgoing* mail? It isn't and it doesn't need to. It is called for *incoming* mail. Remember, I'm interested in messages send to root by system processes such as cron. By way of /etc/aliases these messages are forwarded (root: michael). /home/michael/.procmailrc contains SUBJECT=`formail -xSubject:` FROM=`formail -xFrom:` :0 c *^To:.*root@.* |formail -I | gpg --trust-model always -ear pubkey@domain | mail -r $FROM -s $SUBJECT recipient@domain In effect, messages to root on that system are encrypted with the public key belonging to pubkey@domain and re-send to recipient@domain. The integration of procmail with exim4 works out of the box. There was no need for any explicit configuration to ensure it is called. Michael -- Michael Schuerig mailto:mich...@schuerig.de http://www.schuerig.de/michael/ -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/6534573.hOy9VIWqEE@fuchsia
Re: Exim4: automatically GPG-encrypting messages to specific recipients
On Sun 06 Apr 2014 at 21:14:22 +0200, Michael Schuerig wrote: How does procmail get called on all your *outgoing* mail? It isn't and it doesn't need to. It is called for *incoming* mail. Remember, I'm interested in messages send to root by system processes such as cron. By way of /etc/aliases these messages are forwarded (root: michael). /home/michael/.procmailrc contains [snip] You originally said I'd like exim4 to automatically encrypt messages to a specific recipient with the recipient's GPG public key. I took recipient to mean someone you were sending mail to; especially when you mentioned exim, Shows you -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140406192458.ga3...@copernicus.demon.co.uk
exim4 with gpg?
Hello, i run debian etch with exim4 (smarthost configuration) for outbound emails. Is it possible to encrypt the outbound emails with gpg? If it is possible how can i do that? thanks, Peter -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: exim4 with gpg?
On Sat, Sep 22, 2007 at 04:42:25PM +0200, Peter Jordan wrote: Hello, i run debian etch with exim4 (smarthost configuration) for outbound emails. Is it possible to encrypt the outbound emails with gpg? If it is possible how can i do that? That is the job of your mail user agent (e.g. mutt). How can a mail transport agent sending mail to many different people encrypt the mail for each of them? Read the gpg manual/howto, etc. Doug. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: exim4 with gpg?
On 09/22/2007 09:42 AM, Peter Jordan wrote: i run debian etch with exim4 (smarthost configuration) for outbound emails. Is it possible to encrypt the outbound emails with gpg? gpg/pgp signing/encryption/decryption is all about trusting the human associated with the key pair. Using gpg relates to the mail *user*, so the mail server has nothing to do with gpg, other than delivering the message. If it is possible how can i do that? Sign/Encrypt with your mail client, then push Send ;) Looks like you are using Thunderbird - I use the Enigmail plugin [0] with Icedove - 'aptitude install enigmail'. -- Kind Regards, Michael Shuler [0] http://enigmail.mozdev.org/ signature.asc Description: OpenPGP digital signature
Re: exim4 with gpg?
On Sat, Sep 22, 2007 at 04:42:25PM +0200, Peter Jordan wrote: Hello, i run debian etch with exim4 (smarthost configuration) for outbound emails. Is it possible to encrypt the outbound emails with gpg? If it is possible how can i do that? Usually this is setup in the mail client (Thunderbird, Kmail, Mutt, ...). Please tell us what you use in order to be able to help. Regards, Andrei -- If you can't explain it simply, you don't understand it well enough. (Albert Einstein) signature.asc Description: Digital signature
Re: exim4 with gpg?
On Sat, Sep 22, 2007 at 16:42:25 +0200, Peter Jordan wrote: Hello, i run debian etch with exim4 (smarthost configuration) for outbound emails. Is it possible to encrypt the outbound emails with gpg? If it is possible how can i do that? Encrypting and signing of emails is normally handled by the Mail User Agent (i.e. your email program). You seem to be using Thunderbird, which can get GPG support via the enigmail extension. Enigmail is packaged for Debian; you can also install it from http://enigmail.mozdev.org/ if you don't like the fact that the Debian package depends on Icedove. -- Regards,| http://users.icfo.es/Florian.Kulzer Florian | -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: exim4 with gpg?
Douglas A. Tutty, 09/22/07 17:24: On Sat, Sep 22, 2007 at 04:42:25PM +0200, Peter Jordan wrote: Hello, i run debian etch with exim4 (smarthost configuration) for outbound emails. Is it possible to encrypt the outbound emails with gpg? If it is possible how can i do that? That is the job of your mail user agent (e.g. mutt). How can a mail transport agent sending mail to many different people encrypt the mail for each of them? Read the gpg manual/howto, etc. Doug. sorry, i forgot to say that i run a server, and i want the cron-/logcheck-messages etc to be encrypted. Peter -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: How encrypt cron output mail [was: exim4 with gpg?]
On Sat, Sep 22, 2007 at 06:17:38PM +0200, Peter Jordan wrote: Douglas A. Tutty, 09/22/07 17:24: On Sat, Sep 22, 2007 at 04:42:25PM +0200, Peter Jordan wrote: i run debian etch with exim4 (smarthost configuration) for outbound emails. Is it possible to encrypt the outbound emails with gpg? If it is possible how can i do that? That is the job of your mail user agent (e.g. mutt). How can a mail transport agent sending mail to many different people encrypt the mail for each of them? Read the gpg manual/howto, etc. Doug. sorry, i forgot to say that i run a server, and i want the cron-/logcheck-messages etc to be encrypted. OK. So its: how can I get cron messages to be encrypted. How about leaving the root mail to go to a local user (even root) and then use exim's mail filter stuff to pass the mail to a script you write that takes the mail, encrypts it, and forwards it to you wherever in the world you are? I don't know, but at least the question is clarified so you won't get everyone telling you the same thing. Doug. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: How encrypt cron output mail [was: exim4 with gpg?]
Douglas A. Tutty [EMAIL PROTECTED]: On Sat, Sep 22, 2007 at 06:17:38PM +0200, Peter Jordan wrote: Douglas A. Tutty, 09/22/07 17:24: On Sat, Sep 22, 2007 at 04:42:25PM +0200, Peter Jordan wrote: i run debian etch with exim4 (smarthost configuration) for outbound emails. Is it possible to encrypt the outbound emails with gpg? If it is possible how can i do that? That is the job of your mail user agent (e.g. mutt). How can a mail transport agent sending mail to many different people encrypt the mail for each of them? Read the gpg manual/howto, etc. sorry, i forgot to say that i run a server, and i want the cron-/logcheck-messages etc to be encrypted. OK. So its: how can I get cron messages to be encrypted. How about leaving the root mail to go to a local user (even root) and then use exim's mail filter stuff to pass the mail to a script you write that takes the mail, encrypts it, and forwards it to you wherever in the world you are? Easier. Tell exim to route root's mail to a user who then uses procmail/getmail, and any mail incoming for root is gpg encrypted by getmail/procmail with root's public key and the result is emailed and saved by that user's mua, deleting the original incoming mail. That user will need root's private key to read the copy. I don't know, but at least the question is clarified so you won't get everyone telling you the same thing. Thanks. Clarification's good. -- Any technology distinguishable from magic is insufficiently advanced. (*)http://blinkynet.net/comp/uip5.html Linux Counter #80292 - -http://www.faqs.org/rfcs/rfc1855.htmlPlease, don't Cc: me. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]