As well as fetching the public key, it'd need access to a private key too. I
think the private key is considered the bigger problem, for various reasons.
There have been a few attempts addressing the needs of this complex use case.
AFAICS none have been successful, but I'm out of date.
See the
On 27/10/2019 10.25, Sam Tuke wrote:
> As well as fetching the public key, it'd need access to a private key too. I
> think the private key is considered the bigger problem, for various reasons.
The scheme that I am describing needs only public key on the server.
Not sure why you would think othe
On 27/10/2019 10.25, Sam Tuke wrote:
As well as fetching the public key, it'd need access to a private key
too. I think the private key is considered the bigger problem, for
various reasons.
On 27.10.19 10:40, Fourhundred Thecat wrote:
The scheme that I am describing needs only public key on
> On Oct 27, 2019, at 12:20 PM, Matus UHLAR - fantomas
> wrote:
>
> Encrypting mail at postfix level could create false sense of security.
> How do you know that nobody can read it on the server bore it becomes
> encrypted?
>
> And what's the poing of encrypting mail to you, when it came throug
Some while ago, I had a Perl script around Mail::GPG as mailbox_command,
or inside a procmailrc, I'm not sure. I had it trigger only for a
certain address extension, e.g. mailbox+...@domain.tld. It worked quite
alright.
> Can such filter work, without ever storing plaintext email on disk ?
>
> An
On 2019-10-27 Fourhundred Thecat wrote:
> when new email arrives, and it is not already encrypted, I would like to
> run it through a filter, which would encrypt the message with my public
> gpg key, as if the original sender has sent the email encrypted.
>
> Why do I want to do this ? Why not ask
On 27/10/2019 13.29, Ansgar Wiechers wrote:
> Several years ago I wrote something like that [1]. However, if your mail
> server is untrusted I don't think there's a point in bothering.
no server is 100% trusted. By this logic, should I therefore give up?
> Even if
> you pass the mail through an e
On 10/27/19 6:48 AM, Fourhundred Thecat wrote:
> On 27/10/2019 13.29, Ansgar Wiechers wrote:
>> Several years ago I wrote something like that [1]. However, if your mail
>> server is untrusted I don't think there's a point in bothering.
>
> no server is 100% trusted. By this logic, should I therefo
On 27/10/2019 15.23, Stephen Satchell wrote:
> OP, let me ask this: your proposal appears to be to modify the delivery
> agent so that, instead of storing e-mail in cleartext, it insteads use
> the public part of a public/private keypair to encrypt the payload of
> incoming email.
I did more rese
Fourhundred Thecat:
[encryption at rest, but not whole-disk encryption]
> With my scheme, all emails would be stored encrypted on my server, and
> decryption key does not exist on the server (emails are decrypted on my
> local client)
>
> What would be the best way to implement this ?
Use the loc
On 27/10/2019 17.10, Wietse Venema wrote:
> Use the local(8) delivery agent. In your $HOME/.forward file, pipe
> the mail into a program that encrypts it with your public key, then
> writes the result to maildir.
I am using Postfix with Dovecot. I believe it is Dovecot who saves
messages to maildi
On 27 Oct 2019, at 10:52, Fourhundred Thecat <400the...@gmx.ch> wrote:
> On 27/10/2019 17.10, Wietse Venema wrote:
>> Use the local(8) delivery agent. In your $HOME/.forward file, pipe
>> the mail into a program that encrypts it with your public key, then
>> writes the result to maildir.
>
> I am
On 10/27/19 7:38 AM, Fourhundred Thecat wrote:
>> Further, the client would need to support the decryption of
>> superencrypted mail,
> there will be no "superencrypted" emails. As I explained in the first
> sentence of my original description, I want to process only emails which
> are not already
On 27/10/2019 18.20, Stephen Satchell wrote:
>> are you perhaps confusing decryption with verifying the senders signature ?
>
> No. Signature verification and decrypting are two separate operations.
> You will have to investigate how your mail client handles mail that has
> been encrypted with on
Fourhundred Thecat:
> On 27/10/2019 17.10, Wietse Venema wrote:
> > Use the local(8) delivery agent. In your $HOME/.forward file, pipe
> > the mail into a program that encrypts it with your public key, then
> > writes the result to maildir.
>
> I am using Postfix with Dovecot. I believe it is Dove
Dnia 27.10.2019 o godz. 17:52:03 Fourhundred Thecat pisze:
>
> I am using Postfix with Dovecot. I believe it is Dovecot who saves
> messages to maildir.
Not necessarily. I'm using Postfix with Dovecot too and I'm using Postfix's
default local(8) to store mail. I didn't enable Dovecot's LDA. That
> On Oct 22, 2019, at 9:08 PM, Viktor Dukhovni
> wrote:
>
> You see them not used. Kx=RSA. See ciphers(1):
Hi Viktor,
Thank you for sending this - for some reason, I had it in my mind that key
distribution was only via DH/DHE/ECDHE and I completely forgot about RSA (as
well as a couple of
17 matches
Mail list logo
