LuKreme wrote: > I’d assume there would be something in the headers to indicate the message > was encrypted. Probably some sort of milter running on your submission port > would be able to check this?
I'd implement a milter or similar which looks at the Content-Type header. Typically it looks like this for S/MIME encrypted e-mails. Content-Type: application/pkcs7-mime; name="smime.p7m"; smime-type=enveloped-data If you're really eager with your security requirements you have to dig into the S/MIME structures to ensure that the encryption used is sufficiently strong. Another interesting issue is how to get the recipient's certs. Ciao, Michael.
smime.p7s
Description: S/MIME Cryptographic Signature
