1) I can't seem to figure out how to get every user's SMIME cert to
every other user. Example: I've createdjohnny(a)bar.baz and
sammy(a)bar.baz. I created the internal CA, created a cert for both
of them and imported it. But, at that point, how do I send an
encrypted message between Johnny and Sammy? Without Sammy having
Johnny's keys and vice-versa, there isn't a way to encrypt the
outgoing message. On the certificates page, there is an option to
"download all keys." But aren't these the private keys? I wouldn't
want every user to have every user's private keys.
If you select the certificates and click "download keys" it will
download the keys but if you select "download certificates" it will
only download the certificates (without the keys). All the
certificates for all your internal users should be exchanged between
clients. The easiest way to do this is by selecting all the
certificates for your users, and then click "download certificates".
This will give you a .p7b file containing all certificates. This .p7b
file can then be imported into every desktop.
Is there a "special" way to import certificates into Thunderbird? Or
are the certificates not imported into Thunderbird? Exporting the
certificates does not prompt for a password. Trying to import the p7b
into Thunderbird prompted for a password.
Exporting the certificates from Djigzo does not require a password. A
.p7b (or .cer) is not a password protected file. Thunderbird probably
requires you to enter the master password (set by the owner of
Thunderbird) to allow the import of certificates and/or keys.
I had to import the certificates on the "People" tab, and not the
"your certificates" tab. That did the trick once the root CA was
trusted for email users.
2) Is there any way to prevent Djigzo from DEcrypting incoming
messages?
If all users are external users (the default), then no email will be
decrypted. Incoming email is split into two paths, for internal
recipients email will be decrypted, for external recipients email will
be encrypted. If you do not make any domain or user an internal user,
no email will be decrypted.
It looks like this did the trick. Once I re-created both users and
set them both as external, sending a plain unsigned unencrypted
message from Sammy to Johnny resulted in Johnny receiving a message
that was signed by Sammy and encrypted.
Sending a message from a user that is not anywhere listed in Djigzo to
Johnny resulted in Johnny receiving an un-signed message that was
encrypted.
Essentially, here's what I'm looking for: -- All messages in a user's
mail folders are SMIME encrypted. -- Any incoming mail that is SMIME
encrypted for that user passes untouched.
-- Any incoming mail that is unencrypted is encrypted by Djigzo
using the user's own key. -- Any outgoing mail that is encrypted is
untouched -- Any outgoing mail that is unencrypted is untouched.
I think that Djigzo ends up being total overkill in this situation?
I have been thinking about such a use case as well because it can be
used to store all email encrypted in your local mailbox. This is kind
of different from the typical use case of the Djigzo gateway. If you
make sure that every user is an external user, this should work since
all incoming email for some internal user will be encrypted if it is
not already encrypted (if setup to encrypt all email for certain
users). How are your internal users going to send encrypted email to
each other? Using the S/MIME functionality of the email client?
Yes this is the assumption. If the users import "all" of the
certificates, then wouldn't they be able to encrypt email going to
another user? If the user Johnny sends an unencrypted email to the user
Sammy on the same server, but they are both "external" users, isn't
Djigzo going to encrypt the incoming message?
EX: Sammy sends email to Johnny unencrypted. Djigzo will use Johnny's
key to encrypt the message before it is passed along to Johnny?
I haven't tested this but it should work if you make sure that the
Djigzo gateway is the one your users connect to. If you are using a
different server your users connect to and that server handles email for
local accounts locally (for example the mail boxes are stored on the
same server), the email for local users is not relayed through the
Djigzo server.
It appears that it worked. Sent encrypted/signed from Johnny to Sammy:
* Because Johnny sent the message pre-encrypted/signed by Thunderbird,
the message contents are encrypted in Johnny's "Sent" folder on the
IMAP server.
* It doesn't appear that Djigzo tried to do anything to the message.
There was no "smimeEncrypt" comment in Djigzo's log.
* Sammy received an encrypted message signed by Johnny.
Seems like most of the functionality here is working as desired. Some
things that I feel are "missing":
* Email subjects do not appear to be encrypted. Is this possible?
* For a message that is sent that is not encrypted/signed by the
client (Thunderbird), currently the "Sent" folder ends up with a
cleartext email in it. I am guessing I have two options here:
1) Client manipulation that automatically encrypts the message that it
"copies" into the "Sent" folder
2) Some kind of nasty Postfix hack that will send copies of emails
back to the user and a sieve filter that dumps them into the "Sent"
folder.
The second one seems to be an issue that Djigzo is not designed to or
even should try to solve. The first one seems legit assuming that
email RFC supports it.
Cheers, and thanks for the help!
Erik
···
On 11/24/2011 02:14 PM, Erik Jacobs wrote:
On 11/24/2011 6:00 AM, users-request(a)lists.djigzo.com wrote:
Zitat von Erik Jacobs <erikmjacobs(a)gmail.com>:
1) I can't seem to figure out how to get every user's SMIME cert to
every other user. Example: I've createdjohnny(a)bar.baz and
sammy(a)bar.baz. I created the internal CA, created a cert for both
of them and imported it. But, at that point, how do I send an
encrypted message between Johnny and Sammy? Without Sammy having
Johnny's keys and vice-versa, there isn't a way to encrypt the
outgoing message. On the certificates page, there is an option to
"download all keys." But aren't these the private keys? I wouldn't
want every user to have every user's private keys.
If you select the certificates and click "download keys" it will
download the keys but if you select "download certificates" it will
only download the certificates (without the keys). All the
certificates for all your internal users should be exchanged between
clients. The easiest way to do this is by selecting all the
certificates for your users, and then click "download certificates".
This will give you a .p7b file containing all certificates. This .p7b
file can then be imported into every desktop.
Is there a "special" way to import certificates into Thunderbird? Or
are the certificates not imported into Thunderbird? Exporting the
certificates does not prompt for a password. Trying to import the p7b
into Thunderbird prompted for a password.
Exporting the certificates from Djigzo does not require a password. A
.p7b (or .cer) is not a password protected file. Thunderbird probably
requires you to enter the master password (set by the owner of
Thunderbird) to allow the import of certificates and/or keys.
I had to import the certificates on the "People" tab, and not the
"your certificates" tab. That did the trick once the root CA was
trusted for email users.
2) Is there any way to prevent Djigzo from DEcrypting incoming
messages?
If all users are external users (the default), then no email will be
decrypted. Incoming email is split into two paths, for internal
recipients email will be decrypted, for external recipients email will
be encrypted. If you do not make any domain or user an internal user,
no email will be decrypted.
It looks like this did the trick. Once I re-created both users and
set them both as external, sending a plain unsigned unencrypted
message from Sammy to Johnny resulted in Johnny receiving a message
that was signed by Sammy and encrypted.
Sending a message from a user that is not anywhere listed in Djigzo to
Johnny resulted in Johnny receiving an un-signed message that was
encrypted.
Essentially, here's what I'm looking for: -- All messages in a user's
mail folders are SMIME encrypted. -- Any incoming mail that is SMIME
encrypted for that user passes untouched.
-- Any incoming mail that is unencrypted is encrypted by Djigzo
using the user's own key. -- Any outgoing mail that is encrypted is
untouched -- Any outgoing mail that is unencrypted is untouched.
I think that Djigzo ends up being total overkill in this situation?
I have been thinking about such a use case as well because it can be
used to store all email encrypted in your local mailbox. This is kind
of different from the typical use case of the Djigzo gateway. If you
make sure that every user is an external user, this should work since
all incoming email for some internal user will be encrypted if it is
not already encrypted (if setup to encrypt all email for certain
users). How are your internal users going to send encrypted email to
each other? Using the S/MIME functionality of the email client?
Yes this is the assumption. If the users import "all" of the
certificates, then wouldn't they be able to encrypt email going to
another user? If the user Johnny sends an unencrypted email to the user
Sammy on the same server, but they are both "external" users, isn't
Djigzo going to encrypt the incoming message?
EX: Sammy sends email to Johnny unencrypted. Djigzo will use Johnny's
key to encrypt the message before it is passed along to Johnny?
I haven't tested this but it should work if you make sure that the
Djigzo gateway is the one your users connect to. If you are using a
different server your users connect to and that server handles email for
local accounts locally (for example the mail boxes are stored on the
same server), the email for local users is not relayed through the
Djigzo server.
It appears that it worked. Sent encrypted/signed from Johnny to Sammy:
* Because Johnny sent the message pre-encrypted/signed by Thunderbird,
the message contents are encrypted in Johnny's "Sent" folder on the
IMAP server.
* It doesn't appear that Djigzo tried to do anything to the message.
There was no "smimeEncrypt" comment in Djigzo's log.
* Sammy received an encrypted message signed by Johnny.
Seems like most of the functionality here is working as desired. Some
things that I feel are "missing":
* Email subjects do not appear to be encrypted. Is this possible?
Not really. There is the possibility to wrap a encrypted mail
including headers in a mail, but it is delivered as an attachment and
not as a mail. There was/is a non standard way Djigzo could *protect*
the subject against tampering but encrypting it is not possible in an
easy to handle way.
* For a message that is sent that is not encrypted/signed by the
client (Thunderbird), currently the "Sent" folder ends up with a
cleartext email in it. I am guessing I have two options here:
1) Client manipulation that automatically encrypts the message that it
"copies" into the "Sent" folder
2) Some kind of nasty Postfix hack that will send copies of emails
back to the user and a sieve filter that dumps them into the "Sent"
folder.
Best would be using some sort of encrypted filesystem/folder/container
for the local mail data. S/MIME solves the problem of protecting mail
in transit, local data you have to secure with your OS provided tools.
Regards
Andreas
···
On 11/24/2011 02:14 PM, Erik Jacobs wrote:
On 11/24/2011 6:00 AM, users-request(a)lists.djigzo.com wrote: