Sendmail and GnuPG wrapper

Claus Assmann ca+gnupg@esmtp.org
Mon Jun 11 18:30:01 2001


On Mon, Jun 11, 2001, Josep Llauradó Selvas wrote:


> Does anybody know about an encryption wrapper through GnuPG and Sendmail to allow
> the sending and receiving of encrypted/signed messages?

Why do you want that? What's wrong with STARTTLS?

> I think that the implementation can be easy, but I'm not a hacker of sendmail,
> 'cos you only need a linux box with sendmail and gpg, and filter the input from
> SMTP port to a script, to find the sender and the receiver from the gpg keys
> database and then sign, encrypt (if we have private and public keys) or don't
> modify the mail message.
>
> The incoming messages can be parsed through the same script to decrypt the mail
> or verify the signature, giving the result to the destination user.

If you want to give the private keys to the MTA then you should use TLS instead. Either you want end-to-end security (then the MUAs have to take care of that) or you're happy with MTA-to-MTA security (then you can use the standard STARTTLS). If you would just use it for encryption (sender side) or signature verification (receiver side) then it might have a bit of value over STARTTLS. But then at least one side has to use *PG in the MUA.
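
The key-lookup step of the filter proposed in the quoted question, as an added example that is not code from this thread: it parses `gpg --with-colons` style listings and decides per message whether to sign, encrypt, both, or pass the mail through. The listings are constructed, and `addresses_with_keys`, `plan` and the "encrypt only if every recipient has a key" rule are assumptions made for illustration.

```python
import re

UNUSABLE = set("idren")  # validity flags: invalid, disabled, revoked, expired, not valid
ADDR = re.compile(r"<([^<>@\s]+@[^<>\s]+)>")

# Constructed `gpg --with-colons` listings (key IDs and addresses are made up).
PUBLIC_LISTING = """\
pub:u:2048:1:AAAAAAAAAAAAAAA1:991000000:::u:::scESC:
uid:u::::991000000::X::Alice Example <alice@example.org>:
pub:f:1024:17:BBBBBBBBBBBBBBB2:991000000:::-:Bob Example <Bob@example.net>::scESC:
pub:r:1024:17:CCCCCCCCCCCCCCC3:991000000:::-:::sc:
uid:r::::991000000::X::Carol Example <carol@example.com>:
"""
SECRET_LISTING = """\
sec:u:2048:1:AAAAAAAAAAAAAAA1:991000000:::u:::scESC:::+:::
uid:u::::991000000::X::Alice Example <alice@example.org>:
"""

def addresses_with_keys(listing, record_type):
    """Addresses bound to usable keys; record_type is 'pub' or 'sec'."""
    found, key_ok = set(), False
    for line in listing.splitlines():
        f = line.split(":")
        if len(f) < 10 or f[0] not in ("pub", "sec", "uid"):
            continue
        if f[0] != "uid":  # a new key starts; older gpg puts the user ID on this line
            key_ok = f[0] == record_type and f[1] not in UNUSABLE
        if key_ok and f[1] not in UNUSABLE:
            m = ADDR.search(f[9])  # field 10 holds the user ID
            if m:
                found.add(m.group(1).lower())
    return found

def plan(sender, recipients, pub_addrs, sec_addrs):
    """Hypothetical rule: sign if the sender has a secret key here,
    encrypt only if every recipient has a usable public key."""
    sign = sender.lower() in sec_addrs
    encrypt = bool(recipients) and all(r.lower() in pub_addrs for r in recipients)
    if sign and encrypt:
        return "sign+encrypt"
    return "encrypt" if encrypt else "sign" if sign else "pass"

PUB = addresses_with_keys(PUBLIC_LISTING, "pub")
SEC = addresses_with_keys(SECRET_LISTING, "sec")

if __name__ == "__main__":
    for rcpts in (["bob@example.net"], ["carol@example.com"]):
        print(rcpts, plan("alice@example.org", rcpts, PUB, SEC))
```

Any "sign" outcome requires the sender's secret key to be readable on the mail host, which is the situation the reply above addresses.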