Awesome Open Source
Awesome Open Source

WARNING

This is pre-release software. It's only been testing by me on my personal postfix server. Running this anywhere on a production machine might cost you your job, although afterwards please do let me know how it failed you so I can fix it.

openpgpkey-milter

openpgpkey-milter is a sendmail/postfix milter service that will attempt to automatically OpenPGP encrypt plaintext emails received by the MTA/MUA before relaying the message further towards the recipient(s). These can be messages received from the network, or generated locally.

Requirements

Apart from requiring a milter compatible mail server (postfix or sendmail), openpgpkey-milter requires:

  • python-unbound / unbound-python (in all major distros)
  • python-milter / python-pymilter (in all major distros)
  • python-requests (in all major distros)
  • python-gnupg (older versions might need a patch
  • gnupg, libmilter, etc which are dragged in dependancies by the above packages

Recommended

The hash-slinger package contains an "openpgpkey" command that allows you to generate and verify your own OPENPGPKEY records.

How does it work

openpgpkey-milter detects when a message is not encrypted with gpg and then checks all the recipients to see if they published the special OPENPGPKEY DNS record or a Web Key Directory.

Configuration of the milter service

To use openpgpkey-milter with postfix, add to /etc/postfix/main.cf

 smtpd_milters = inet:127.0.0.1:8890
 non_smtpd_milters = $smtpd_milters
 milter_default_action = tempfail
 milter_protocol = 2

If you run opendkim, ensure you add openpgpkey-milter before opendkim or you'll break the opendkim signatures. For the fedora/rhel configuration where opendkims uses port 8891, you can use the following:

 smtpd_milters = inet:127.0.0.1:8890, inet:127.0.0.1:8891
 non_smtpd_milters = $smtpd_milters
 milter_protocol = 2
 milter_default_action = accept

Mailing list and bug reports

There is no mailing list yet. Please send questions and bug reports to [email protected]. However if you run openpgpkey-milter on your mail server and it broke, you might be better of mailing me at the unsigned domain [email protected].

Alternatives To Openpgpkey Milter
Select To Compare


Alternative Project Comparisons
Related Awesome Lists
Top Programming Languages
Top Projects

Get A Weekly Email With Trending Projects For These Topics
No Spam. Unsubscribe easily at any time.
Python (819,784
Email (21,294
Encryption (11,897
Plaintext (1,688
Postfix (1,502
Gnupg (603
Sendmail (564
Openpgp (410