[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]


* Daniel Rychlik (daniel@rychlik.ws) [020802 13:43]:
> Hello,
> I have recently setup PGP on my Debian server at home.  I have setup
> Exim for relay of 3 hosts.  I would like to be able to include pgp
> signature signing for the three hosts.  My wife uses Outlook for her
> email and I was wandering if their was a way to automatically sign her
> email messages as they leave the mailbox.  Ive read the documentation
> Phillip Zimmerman, but it doesnt really have any info on setting up
> pgp keys for mail clients.  Any information would be great!  

I'm not sure exactly what it is you're trying to do, but I think you
should ask yourself what it is you're trying to gain.  If you have the
signatures added automatically, then I presume you also mean that you
are keeping private keys without passphrases.  The signature on those
messages doesn't really tell me that the message comes from your wife,
but rather that it passed through your mail server (if even that).  IMO,
GPG is something that should be implemented just at the ends of an
end-to-end communication path.  That is to say that I sign a message
when I compose it, before I send it.  It doesn't get signed somewhere in
the middle.  Similarly, I don't ask my tools to automatically decrypt
messages I receive; I do that only when I view them.

I'm not sure if there are any add-on packages for outlook (there were
last time I checked, but they may have since been orphaned), but it
sounds to me like your idea of adding it on at the server adds little
real security.

good times,

Attachment: pgpLTDUW9bJx6.pgp
Description: PGP signature

Reply to: