a5816ef60e
|
||
|---|---|---|
| README.md | ||
| encmaildir.sh | ||
| gpgit | ||
README.md
gpgit
What
gpgit is a mail filter that encrypts an email with a public key in the user's GnuPG keyring.
Why
It partially solves the problem that no one wants to use PGP encryption. The email is still in the clear while in transit, but it gets encrypted before it touches your mail server's hard drive. That means mail is still vulnerable to network capture (unless TLS is used) and to logging on the intermediate SMTP servers, but not vulnerable to authorities randomly seizing your server, National Security Letters on your email provider, or other crazy stuff like that.
How
gpgit simply reads an email from stdin, encrypts it with the key given as first argument (unless the email is already encrypted), and writes out the result to stdout. That's almost all there is to it; some other arguments are available. Run gpgit without arguments for details.
You need some Perl modules for this to work:
There are multiple ways to use this in your email system:
- With Exim: Automatically Encrypting all Incoming Email with Exim
- With Dovecot: Encrypt specific incoming emails using Dovecot and Sieve
encmaildir.sh
encmaildir.sh is a little bonus script to encrypt an existing email directory, taking care of file permissions and ownership and Dovecot indexes and everything.
Only unencrypted emails will be modified. Run encmaildir.sh without arguments for usage information.
Who
- Mike Cardwell for the original script (
gpgit.pl) - PunchiePets on DSLReports and Olivier Berger for the original version of
encmaildir.sh - Etienne Perot for modifications to
encmaildir.sh