verifying signatures in .forward/.qmail files

Jack McKinney
Tue, 17 Oct 2000 13:15:32 -0500

Hash: SHA1

    I'd like to be able to verify signatures from within a script.
What I need is a gpg command that will check for a valid signature
and return the validity possibly via the return code.
    My goal is to use qmail's condredirect feature (for sendmail users:
it is possible with qmail to put a command into your '.forward' file
that either redirects, drops, or keeps the message based on the return
code of a specified script) to redirect incoming email to a separate
folder if it has a valid signature.  There will be some issues in writing
this script (is the signature in a separate attachment, or in a clearsigned
message, etc.).  I can write the script to account for these details, but
I need gpg syntax for checking signatures quietly, and returning the
result in a computer readble way (optimally, I'd like gpg to output the
matching keyid, or even entries user id entry).
    My ultimate goal is going to be to set up an ezmlm mailing list, where
subscription requires that your subscription request contain your public
key.  In order to post to the list, your message must be signed by the
public key you originally submitted.  With a few more enhancements, one
could implement a secure moderated list in this way.

- --
"Restore your inalienable human rights.             Jack McKinney
 Vote Libertarian.                
                                                    1024D/D68F2C07 4096g/38AEF076
Version: GnuPG v1.0.2 (GNU/Linux)


Archive is at - Unsubscribe by sending mail
with a subject of  "unsubscribe"  to