[Mailman-Developers] Mailman and GPG.

J C Lawrence claw@kanga.nu
Mon, 06 Nov 2000 10:28:49 -0800


On Sun, 05 Nov 2000 17:55:37 -0500 
The guy named after an Om Kalthoum song <ocschwar@MIT.EDU> wrote:

> Greetings!  I am wondering if anyone has begun an implementation
> of Gnu Privacy Guard email handling in Mailman, that would work
> along these lines:

I'm actually engaged (very slowly) in implementing automatically
crypted mail support at the MTA level for a friend (he wants
Sendmail support, I'm starting with Exim).  There actually is little
to no reason to add Mailman to the mess -- all the (de)crypt
activities can occur completely outside of Mailman's operations.

The 50,000 foot view for what I'm doing:

  Mail arrives at the MTA (localhost or SMTP).
  The MTA detects a flag string in the message or message x-headers.
  Depending on which strings were used, the MTA either:
    -- signs the mail with the author's key
    -- signs the mail and crypts it with the recipient's key
  The author's key is stored locally.  All other keys are required
    to be available via public keyservers.

Extending this to a mailing list actually isn't very difficult:

  Mail arrives at the list.
  Instead of being handed off to the list exploder, it passes thru a 
    filter first which looks for blocks crypted with the list's key.
  If a crypted block is found, it is decrypted, surrounded by flag
    strings, and a flag x-header is added to the message.
  The message is then handed to the list exploder.
  The list exploder explodes the message and hands the bits back to 
    the MTA.
  The MTA upon delivery of *ANY* message, looks for the X-header.
    If present it then crypts the flagged block with the envelope's key.

If this is so simple, why am I not done yet?

  -- correct MIME support isn't entirely trivial
  -- I'm trying to think of ways to make it auditable *AND* scalable
  -- I've been distracted

-- 
J C Lawrence                                 Home: claw@kanga.nu
---------(*)                               Other: coder@kanga.nu
http://www.kanga.nu/~claw/        Keys etc: finger claw@kanga.nu
--=| A man is as sane as he is dangerous to his environment |=--
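
Added example, not part of the original post and not the poster's code: a Python sketch of the list-side filter and the MTA delivery step described above, for single-part text messages only. The header name, the flag strings, the example.org addresses and the toy_encrypt/toy_decrypt stand-ins for gpg are assumptions; the filter discards sender-supplied flags so that only a block it decrypted itself is ever marked for re-encryption.

```python
import re
from email import message_from_string

# Hypothetical names: the post names neither the X-header nor the flag strings.
FLAG_HEADER = "X-Recrypt-Block"
BEGIN_FLAG = "-----BEGIN LIST PLAINTEXT-----"
END_FLAG = "-----END LIST PLAINTEXT-----"
PGP_BLOCK = re.compile(
    r"-----BEGIN PGP MESSAGE-----.*?-----END PGP MESSAGE-----", re.DOTALL)
FLAGGED = re.compile(
    re.escape(BEGIN_FLAG) + r"\n(.*?)\n" + re.escape(END_FLAG), re.DOTALL)

def strip_flags(text):
    """Remove flag strings so only the filter itself can create a flagged block."""
    while BEGIN_FLAG in text or END_FLAG in text:  # removal can splice a new flag
        text = text.replace(BEGIN_FLAG, "").replace(END_FLAG, "")
    return text

def list_filter(raw, decrypt):
    """Runs before the list exploder; decrypt(block) returns None when the
    block is not encrypted to the list's key."""
    msg = message_from_string(raw)
    del msg[FLAG_HEADER]                   # never trust a sender-supplied flag
    found = 0
    def reveal(match):
        nonlocal found
        plain = decrypt(match.group(0))
        if plain is None:
            return match.group(0)          # leave foreign blocks untouched
        found += 1
        return f"{BEGIN_FLAG}\n{strip_flags(plain)}\n{END_FLAG}"
    msg.set_payload(PGP_BLOCK.sub(reveal, strip_flags(msg.get_payload())))
    if found:
        msg[FLAG_HEADER] = "yes"
    return msg.as_string()

def mta_deliver(raw, recipient, encrypt):
    """Runs in the MTA on every delivery; re-encrypts flagged blocks."""
    msg = message_from_string(raw)
    if msg[FLAG_HEADER] is None:
        return raw
    del msg[FLAG_HEADER]
    msg.set_payload(FLAGGED.sub(
        lambda m: encrypt(m.group(1), recipient), msg.get_payload()))
    return msg.as_string()

# Stand-ins for gpg so the flow runs offline; they are NOT cryptography.
def toy_encrypt(text, key):
    return f"-----BEGIN PGP MESSAGE-----\n{key}:{text[::-1]}\n-----END PGP MESSAGE-----"

def toy_decrypt(block, key="list@example.org"):
    owner, _, data = block.split("\n", 1)[1].rsplit("\n", 1)[0].partition(":")
    return data[::-1] if owner == key else None
```

Between the filter and the MTA the decrypted block exists in clear text on the list host, so the queue and spool it passes through need the same protection as the list's private key.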