On Wed, 5 Sep 2012, NMTUser X wrote:
Dear Users,
(IF YOU ARE UNINTERESTED IN MY THOUGHT FLOW SKIP TO) -->##
I am going to assume for the moment that personal information privacy has
become a nonessential IT headache. Seemingly only important
to people who are more concerned with being paranoid and think they are in a
spy-vs-spy comic. With the inception of Facebook,
Myspace, Google groups and Circles, and etcetera...personal information has
become freely available to everyone.
Personally I think it is borderline voyeuristic to allow someone to peek over
your shoulder and watch you urinate all the time, but hey
thats just me! I have used PGP, GPG, and OpenPG since their birth, however I
find that professionally this makes me extremely
unpopular, so I opened a google acount and have been working on some simple
automation to combine a few of my accounts. I really
dislike, and find it rather creepy, that googlemail is reading and catagorising
you based on what you read and recieve in their mail
reader. Recently, I found an unconnected website with my google mail address
listed in it's database (I havent given it to anyone, not
even my wife!) and that really got me thinking. I used to use anonymizer
manglers all the time, but so many of them have ceased working
over the last ten years. Now I am at a new uni and they run linux mailservers,
procmail, and spamassassin...hmmm...I got to thinking
about something that could be possibly interesting. I scanned the FAQ's and
the Spamassassin website but I didn't see anything that
really applied to this problem. So My question is this:
##
Would it be possible to send mail to myself encrypted in pgp/gpg, use a token
at the beginning of the email with the correct email
address (which is on the local network) have procmail or spamassassin parse all
incoming messages, strip the headers, decrypt the
message, and reinsert it into the mail spool to be forwarded to the correct
person?
If so where do I begin to look? Could (gpgzip) attachments be preserved?
This would allow me to continue to use gpg I could ditch google and use ANY
mail forwarding agent - even hushmail - and I could keep my
professional life intact.
Cheers.
X
1) If you use any "cloud based" service (gmail, google, hotmail, yahoo,
amazon, etc) and you (or your agent) are not explicitly paying for it (IE
using the "free" variety) you are not a customer you are a commodity for
them to monetize. TANSTAAFL
2) encrypted messages (pgp/gpg/PKI, etc) require a private key at the
decryption end. Do you want to put -your- private key on some automated
system (your proposed "procmail or spamassassin" system) to be used
by some system you are not directly supervising?
My personal keys are pass-phrase protected for a reason. Are yours?
--
Dave Funk University of Iowa
<dbfunk (at) engineering.uiowa.edu> College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sys_admin/Postmaster/cell_admin Iowa City, IA 52242-1527
#include <std_disclaimer.h>
Better is not better, 'standard' is better. B{
