Re: Exim4: automatically GPG-encrypting messages to specific recipients
On Sun, 06 Apr 2014 12:57:52 +0200
Michael Schuerig <michael.lists@schuerig.de> wrote:
>
> I'd like exim4 to automatically encrypt messages to a specific
> recipient with the recipient's GPG public key.
>
> I thought this was a common issue with an established solution, but
> surprisingly I could not find anything. When I asked elsewhere, the
> reply was in effect "it's complicated".
>
> I'm barely a novice as far as exim4 is concerned. Any hints?
>
This isn't really the kind of thing that exim4 would normally get
involved in. If security is necessary, you want it client-to-client,
not just between servers. While you may be using exim4 on the same
machine as your email client, this isn't the expected usage, and MITM
attacks may happen in a network (or even within a computer, for that
matter).
Email clients do this sort of thing routinely (the mis-spelling is not
mine, that really is the page name):
https://securityinabox.org/en/thuderbird_encryption
Some people may use multiple email clients on different computers, with
the mail all sent out through a network server, as I do. It would be
convenient to do all the configuration in one place, but less secure,
and not many people work in this way. About the only ready-made
single-point-configuration solution will probably be webmail based on
the server. Squirrelmail can use GPG though I don't know how
sophisticated it is.
--
Joe
Reply to: