Sendmail and GnuPG wrapper

Claus Assmann
Mon Jun 11 18:30:01 2001

On Mon, Jun 11, 2001, Josep Llauradó Selvas wrote:

> Anybody knows about an encription wrapper through GnuPG and Sendmail to allow
> the sending and receiving of encrypted/signed messages?
Why do you want that? What's wrong with STARTTLS?
> I think that the implementation can be easy, but I'm not a hacker of sendmail,
> 'cos you only need a linux box with sendmail and gpg, and filter the input from
> SMTP port to a script, to find the sender and the receiver from the gpg keys
> database and then sign, encrypt (if we have private and public keys) or don't
> modify the mail message.
> The incoming messages can be parsed through the same script to decrypt de mail
> or verify the signature, giving the result to the destination user.
If you want to give the private keys to the MTA then you should use TLS instead. Either you want end-to-end security (then the MUAs have to take care of that) or you're happy with MTA-to-MTA security (then you can use the standard STARTTLS). If you would just use it for encryption (sender side) or signature verification (receiver side) then it might have a bit of value over STARTTLS. But then at least one side has to use *PG in the MUA.