Re: Encrypting incoming messages with GnuPG
-----BEGIN PGP SIGNED MESSAGE-----
On 05/09/09 18:05, Harry Rickards wrote:
> On 05/09/09 17:42, Dave Patterson wrote:
>> * Harry Rickards <email@example.com> [2009-05-09 11:14:14 +0100]:
>>> -----BEGIN PGP SIGNED MESSAGE-----
>>> Hash: SHA1
>>> I was wondering if anyone knew of a way, perhaps using /etc/aliases, so
>>> that all incoming mail addressed to my username (hrickards) is encrypted
>>> with *my* public key, so that when I read it only I can read it using
>>> *my* private key. If the mail was signed or encrypted beforehand, it
>>> could then be decrypted with my private key as usual.
>> Hmm. So, we're looking at encrypting mails as they come in, prior to
>> disk write, in a format that you, and only you, can later decrypt them,
>> preferably using gpg. I don't care why, it's an intereUting problem.
>> Local storage remains secure. At least that's what I think is the
>> Outside of using some disk encryption system like this:
>> I'd try to pipe the mail fetchmail, procmail (pipe to
>> Remembering procmail only functions as a gate, and does not write the
>> mail to disk until told to, and neither does fetchmail
>> (or getmail or retchmail).
>> script should be very simple:
>> gpg -e -r yourusergpgidhere themessage
>> Build from that command.
>> Trick is to not write to disk prior to encryption.
> Uh, huh. Thanks for the tips, I'll try to come up with something from that.
So far I've added the gpmail alias in /etc/aliases as a test using the
I then created the /usr/bin/gpmail script, and ran newaliases. In
/usr/bin/gpmail I've got:
gpg --encrypt --sign --armor -r firstname.lastname@example.org|mail -s Test
When piping stuff to it from the command line it works fine, but when
sending a test email to email@example.com I get a blank email in
response. I think this is because /usr/bin/gpmail is being executed as
the 'nobody' user (I setup a whoami script), and I've setup the GPG keys
for the 'mail' user. nobody can't use GPG, as it doesn't have a home
directory, so is there a way to change the user that Postfix pipes
things to with (to mail or any other user with a home directory)? Thanks
for all the help.
Harry Rickards (a.k.a l33tmyst)
- -----BEGIN GEEK CODE BLOCK-----
GAT/GCM/GCS/GCC/GIT/GM d? s: a? C++++ UL++++ P- L+++ E--- W+++ N o K+
w--- O- M- V- PS+ PE Y+ PGP++ t 5 X R tv-- b+++ DI D---- G e* h! !r y?
- ------END GEEK CODE BLOCK------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
-----END PGP SIGNATURE-----