On Thu, 2003-11-27 at 10:49, Dietmar Maurer wrote:
Hi all,
we are looking for a solution to implement secure mailing lists. We need the following behaviour:
1.) A secure mailing list has an associated PGP key.
2.) Postings to the list are encrypted with the public key of the list.
3.) The list server decrypts the message, and then, for each list member, encrypts the message with the public key of the list member and sends that mail.
That way the whole traffic is encrypted.
Does somebody know a solution for that problem? Is there already such an extension for mailman? If not, how long would it take to implement such a thing?
It's not there, but I don't think it would be too hard. Here's a sketch of a simple first take:
Add an interface to MemberAdapter.py to set a user's public key. Add an implementation to OldStyleMemberAdapter.py to store the key somewhere (e.g. in a dictionary on the MailList object).
Add u/i goo to surface the public key setting in the member's option page. Probably as an upload box or a text box for pasting.
Add a module to Mailman/Gui for generating and setting the list's key pair. I'm guessing there's going to be no password on the private key otherwise the Mailman daemon process can't really decrypt the message. To get the pubkey, I'd either publish it on the listinfo page, or maybe add an email command to retrieve it. The latter would go in Mailman/Commands/do_getkey.py or some such.
Obviously you're going to do personalized deliveries, so for any such list you'll probably want to disable digests. You'll need to hack Mailman/Handlers/SMTPDirect.py's verpdeliver() function to do the encryption for each recipient. I'd probably do this part differently depending on whether I wanted this feature for all lists at your site, or just a few. If the former, I'd probably just rewrite SMTPDirect.py to do the specific handling you're interested in, call it something different, and then set DELIVERY_MODULE in mm_cfg.py.
Those are just some ideas to get you started.
-Barry
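The decrypt-once, re-encrypt-per-member step discussed in this thread, as an added sketch that is not Mailman code and not from either author. It shells out to the `gpg` command line; the keyring path, the function names and the address-to-fingerprint mapping are assumptions made for illustration.

```python
import subprocess
from email.message import EmailMessage

GPG_HOME = "/var/lib/mailman/gnupg"  # assumed keyring location (hypothetical)

def gpg(args, data):
    """Run gpg non-interactively on data (bytes); raise if gpg fails."""
    cmd = ["gpg", "--batch", "--homedir", GPG_HOME] + args
    return subprocess.run(cmd, input=data, capture_output=True, check=True).stdout

def gpg_decrypt(ciphertext):
    # Works unattended only because the list's private key has no passphrase.
    return gpg(["--decrypt"], ciphertext)

def gpg_encrypt(plaintext, fingerprint):
    # Member keys were uploaded, not certified by the list, hence the trust model.
    return gpg(["--armor", "--trust-model", "always",
                "--recipient", fingerprint, "--encrypt"], plaintext)

def fan_out(ciphertext, member_keys, list_addr, subject,
            decrypt=gpg_decrypt, encrypt=gpg_encrypt):
    """Decrypt one posting; return ({addr: EmailMessage}, [skipped addrs])."""
    plaintext = decrypt(ciphertext)  # once per posting, with the list key
    outgoing, skipped = {}, []
    for addr, fpr in member_keys.items():
        try:
            if not fpr:
                raise LookupError(addr)  # member never uploaded a key
            armored = encrypt(plaintext, fpr)
        except (LookupError, subprocess.CalledProcessError):
            skipped.append(addr)  # fail closed: never fall back to plaintext
            continue
        msg = EmailMessage()
        msg["From"] = list_addr
        msg["To"] = addr
        msg["Subject"] = subject  # headers such as Subject still travel in clear
        msg.set_content(armored.decode("ascii"))
        outgoing[addr] = msg
    return outgoing, skipped
```

Members who end up in the skipped list receive nothing for that posting, so a real handler would log them or notify the list owner rather than deliver unencrypted.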