-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 05/09/09 19:08, James Richardson wrote: > Harry Rickards wrote: >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> On 05/09/09 18:24, Harry Rickards wrote: >>> On 05/09/09 18:05, Harry Rickards wrote: >>>> On 05/09/09 17:42, Dave Patterson wrote: >>>>> * Harry Rickards <hricka...@l33tmyst.com> [2009-05-09 11:14:14 +0100]: >>>>>> -----BEGIN PGP SIGNED MESSAGE----- >>>>>> Hash: SHA1 >>>>>> >>>>>> I was wondering if anyone knew of a way, perhaps using /etc/aliases, so >>>>>> that all incoming mail addressed to my username (hrickards) is encrypted >>>>>> with *my* public key, so that when I read it only I can read it using >>>>>> *my* private key. If the mail was signed or encrypted beforehand, it >>>>>> could then be decrypted with my private key as usual. >>>>>> >>>>> Hmm. So, we're looking at encrypting mails as they come in, prior to >>>>> disk write, in a format that you, and only you, can later decrypt them, >>>>> preferably using gpg. I don't care why, it's an intereUting problem. >>>>> Local storage remains secure. At least that's what I think is the >>>>> intention. >>>>> Outside of using some disk encryption system like this: >>>>> <http://www.debianhelp.org/node/15244> >>>>> I'd try to pipe the mail fetchmail, procmail (pipe to >>>>> encryptionscrypt,write-encrypted-email-to-disk) >>>>> Remembering procmail only functions as a gate, and does not write the >>>>> mail to disk until told to, and neither does fetchmail >>>>> (or getmail or retchmail). >>>>> script should be very simple: >>>>> gpg -e -r yourusergpgidhere themessage >>>>> Build from that command. >>>>> Trick is to not write to disk prior to encryption. >>>> Uh, huh. Thanks for the tips, I'll try to come up with something from that. >>> >>> So far I've added the gpmail alias in /etc/aliases as a test using the >>> following line: >>> >>> gpmail:|/usr/bin/gpmail >>> >>> I then created the /usr/bin/gpmail script, and ran newaliases. In >>> /usr/bin/gpmail I've got: >>> >>> gpg --encrypt --sign --armor -r hricka...@l33tmyst.com|mail -s Test >>> hricka...@l33tmyst.com >>> >>> When piping stuff to it from the command line it works fine, but when >>> sending a test email to gpm...@l33tmyst.com I get a blank email in >>> response. I think this is because /usr/bin/gpmail is being executed as >>> the 'nobody' user (I setup a whoami script), and I've setup the GPG keys >>> for the 'mail' user. nobody can't use GPG, as it doesn't have a home >>> directory, so is there a way to change the user that Postfix pipes >>> things to with (to mail or any other user with a home directory)? Thanks >>> for all the help. >>> >> I've given nobody a home directory to nobody using usermod, and running >> /usr/bin/gpmail from the command line logged in as nobody works fine, >> but I still receive blank emails when sending mail to >> gpm...@l33tmyst.com. I suppose it could be that I'm sending it to the >> address it's meant to forward it to, could someone send an email to >> gpm...@l33tmyst.com for me? Thanks. > > Here you go. I just found the thread, looks like an interesting idea.... > > I use exim so I can't help you with postfix... > > I will send this mail unsigned and unencrypted...
Ok, thanks. The mail was blank from you as well, so I don't know what's happening. Anyone else successfully piping something in Postfix with /etc/aliases? - -- Many thanks Harry Rickards (a.k.a l33tmyst) - -----BEGIN GEEK CODE BLOCK----- Version: 3.1 GAT/GCM/GCS/GCC/GIT/GM d? s: a? C++++ UL++++ P- L+++ E--- W+++ N o K+ w--- O- M- V- PS+ PE Y+ PGP++ t 5 X R tv-- b+++ DI D---- G e* h! !r y? - ------END GEEK CODE BLOCK------ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkoFyJkACgkQ1kZz3mRu0GrFXACfaEoxyTF/aIr1NWjduPHwXveQ i00An3uTAP3xNpFfcpmsInJHS1bzmKBc =Wjdp -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
