Deployment of CipherMail

Dear Sebastian,

we are planning to deploy ciphermail and use exim as our MTA.
Can you post some of your config snippets, for using exim with ciphermail?

Mit freundlichen Grüßen

Ralf Kirmis

Neue Straße 52 D-27432
Bremervörde
                                                       
Telefon 04761-9941-0 Fax 04761-9941-400
Unseren Service erreichen Sie unter: Tel: +49 4761-9941-120, Fax: +49
4761-9941-420, service(a)wizard.de
Den Vertrieb erreichen Sie unter: Tel: +49 4761-9941-130, Fax: +49
4761-9941-430, vertrieb(a)wizard.de

The CipherMail gateway can basically split up into three parts. The MTA
(postfix), the encryption/decryption back-end and the front-end (web GUI).

When postfix receives a message, the message is sent to the back-end for
encryption/decryption using an Postfix after-queue filter. After
handling, the email (or multiple in case of different sender/recipient
requirements for example) is sent back to postfix for delivery. In
principle the MTA functionality can be replaced by some other MTA. Take
a look how postfix delivers the email to the back-end, doing this in a
similar way with Exim should not be hard to figure out.

Kind regards,

Martijn Brinkers

···

On 23-05-18 09:34, Ralf Kirmis via Users wrote:

we are planning to deploy ciphermail and use exim as our MTA.
Can you post some of your config snippets, for using exim with ciphermail?

--
CipherMail email encryption

Email encryption with support for S/MIME, OpenPGP, PDF encryption and
secure webmail pull.

Twitter: http://twitter.com/CipherMail

I'm on 4.1.0.

I can add the following findings:

The client certificate is issued by this root: CN=D-TRUST CA 2-1 2015, O=D-Trust GmbH, L=Berlin, C=DE

http://www.d-trust.net/cgi-bin/D-TRUST_CA_2-1_2015.crt

It is issued by: CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB

When Ciphermail displays the root CN=D-TRUST CA 2-1 2015, O=D-Trust GmbH, L=Berlin, C=DE the Comodo root is not displayed as link. So I guess that Chipermail is for some reason not able to resolve the chain. Why?

···

-----Ursprüngliche Nachricht-----

Von:Martijn Brinkers via Users <users(a)lists.djigzo.com>
Gesendet: Mittwoch 23 Mai 2018 14:24
An: <users(a)lists.djigzo.com>
Betreff: Re: Deployment of CipherMail

On 23-05-18 09:34, Ralf Kirmis via Users wrote:
> we are planning to deploy ciphermail and use exim as our MTA.
> Can you post some of your config snippets, for using exim with ciphermail?

The CipherMail gateway can basically split up into three parts. The MTA
(postfix), the encryption/decryption back-end and the front-end (web GUI).

When postfix receives a message, the message is sent to the back-end for
encryption/decryption using an Postfix after-queue filter. After
handling, the email (or multiple in case of different sender/recipient
requirements for example) is sent back to postfix for delivery. In
principle the MTA functionality can be replaced by some other MTA. Take
a look how postfix delivers the email to the back-end, doing this in a
similar way with Exim should not be hard to figure out.

Kind regards,

Martijn Brinkers

--
CipherMail email encryption

Email encryption with support for S/MIME, OpenPGP, PDF encryption and
secure webmail pull.

https://www.ciphermail.com

Twitter: http://twitter.com/CipherMail

_______________________________________________
Users mailing list
Users(a)lists.djigzo.com
https://lists.djigzo.com/lists/listinfo/users

--

MHC SoftWare GmbH
Fichtera 17
96274 Itzgrund/Germany

voice: +49-(0)9533-92006-0
fax: +49-(0)9533-92006-6
e-mail: info(a)mhcsoftware.de

HR Coburg: B2242
Geschaeftsfuehrer: Matthias Henze

I'm on 4.1.0.

I can add the following findings:

The client certificate is issued by this root: CN=D-TRUST CA 2-1
2015, O=D-Trust GmbH, L=Berlin, C=DE

http://www.d-trust.net/cgi-bin/D-TRUST_CA_2-1_2015.crt

It is issued by: CN=COMODO RSA Certification Authority, O=COMODO CA
Limited, L=Salford, ST=Greater Manchester, C=GB

CONTACT US - Comodo: Cloud Native Cyber Security Platform

When Ciphermail displays the root CN=D-TRUST CA 2-1 2015, O=D-Trust
GmbH, L=Berlin, C=DE the Comodo root is not displayed as link. So I
guess that Chipermail is for some reason not able to resolve the
chain. Why?

This works for me. The following D-Trust certificate is trusted when I
import it

http://www.d-trust.net/cgi-bin/D-TRUST_CA_2-1_2015.crt

What is the background color of the D-Trust cert in your gateway? gray
or white?

Kind regards,

Martijn Brinkers

···

On 23-05-18 19:44, lists via Users wrote:

-----Ursprüngliche Nachricht-----

Von:Martijn Brinkers via Users <users(a)lists.djigzo.com> Gesendet:
Mittwoch 23 Mai 2018 14:24 An: <users(a)lists.djigzo.com> Betreff:
Re: Deployment of CipherMail

On 23-05-18 09:34, Ralf Kirmis via Users wrote:

we are planning to deploy ciphermail and use exim as our MTA. Can
you post some of your config snippets, for using exim with
ciphermail?

The CipherMail gateway can basically split up into three parts. The
MTA (postfix), the encryption/decryption back-end and the front-end
(web GUI).

When postfix receives a message, the message is sent to the
back-end for encryption/decryption using an Postfix after-queue
filter. After handling, the email (or multiple in case of different
sender/recipient requirements for example) is sent back to postfix
for delivery. In principle the MTA functionality can be replaced by
some other MTA. Take a look how postfix delivers the email to the
back-end, doing this in a similar way with Exim should not be hard
to figure out.

Kind regards,

Martijn Brinkers

-- CipherMail email encryption

Email encryption with support for S/MIME, OpenPGP, PDF encryption
and secure webmail pull.

https://www.ciphermail.com

Twitter: http://twitter.com/CipherMail

_______________________________________________ Users mailing list
Users(a)lists.djigzo.com
https://lists.djigzo.com/lists/listinfo/users

--
CipherMail email encryption

Email encryption with support for S/MIME, OpenPGP, PDF encryption and
secure webmail pull.

Twitter: http://twitter.com/CipherMail