[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Encrypting incoming messages with GnuPG

Hash: SHA1

On 05/09/09 18:05, Harry Rickards wrote:
> On 05/09/09 17:42, Dave Patterson wrote:
>> * Harry Rickards <hrickards@l33tmyst.com> [2009-05-09 11:14:14 +0100]:
>>> Hash: SHA1
>>> I was wondering if anyone knew of a way, perhaps using /etc/aliases, so
>>> that all incoming mail addressed to my username (hrickards) is encrypted
>>> with *my* public key, so that when I read it only I can read it using
>>> *my* private key. If the mail was signed or encrypted beforehand, it
>>> could then be decrypted with my private key as usual.
>> Hmm.  So, we're looking at encrypting mails as they come in, prior to
>> disk write, in a format that you, and only you, can later decrypt them,
>> preferably using gpg.  I don't care why, it's an intereUting problem.
>> Local storage remains secure.  At least that's what I think is the
>> intention.
>> Outside of using some disk encryption system like this:
>> <http://www.debianhelp.org/node/15244>
>> I'd try to pipe the mail fetchmail, procmail (pipe to
>> encryptionscrypt,write-encrypted-email-to-disk)
>> Remembering procmail only functions as a gate, and does not write the
>> mail to disk until told to, and neither does fetchmail 
>> (or getmail or retchmail).
>> script should be very simple:
>> gpg -e -r yourusergpgidhere themessage
>> Build from that command. 
>> Trick is to not write to disk prior to encryption.
> Uh, huh. Thanks for the tips, I'll try to come up with something from that.

So far I've added the gpmail alias in /etc/aliases as a test using the
following line:


I then created the /usr/bin/gpmail script, and ran newaliases. In
/usr/bin/gpmail I've got:

gpg --encrypt --sign --armor -r hrickards@l33tmyst.com|mail -s Test

When piping stuff to it from the command line it works fine, but when
sending a test email to gpmail@l33tmyst.com I get a blank email in
response. I think this is because /usr/bin/gpmail is being executed as
the 'nobody' user (I setup a whoami script), and I've setup the GPG keys
for the 'mail' user. nobody can't use GPG, as it doesn't have a home
directory, so is there a way to change the user that Postfix pipes
things to with (to mail or any other user with a home directory)? Thanks
for all the help.

- -- 
Many thanks
Harry Rickards (a.k.a l33tmyst)

Version: 3.1
GAT/GCM/GCS/GCC/GIT/GM d? s: a? C++++ UL++++ P- L+++ E--- W+++ N o K+
w--- O- M- V- PS+  PE Y+ PGP++ t 5 X R tv-- b+++ DI D---- G e* h! !r y?
- ------END GEEK CODE BLOCK------
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/


Reply to: