force sign all outgoing mails

Hello,

I am new to CipherMail and am using the latest version 2.8.6-2 on a
Debian Squeeze machine.
I want to use a very simple setup: I want to sign all outgoing mails
from "tbals(a)sender.de" to any destination.

I first created a PGP keyring for one of my email addresses. On the user
account I can see this key in "PGP -> signing key".

But when I send an email to any address, the mail is not signed.
I tried to check and uncheck some parameters like "force signing header"
and "only sign when encrypt", but these parameters are only available in
the S/MIME section, not for PGP.

And it's still not working.
Any ideas? Attached is some output of my djigzo.log.
I have only one user (tbals(a)sender.de) in the database.

Regards
  Thomas

cypermail-log.txt (2.52 KB)

Hi Thomas,

PGP sign only was not (yet) added. It will be added to the next release
though. You can however add PGP signing by modifying config.xml
(config.xml describes the mail flow).

The attached patch will add a matcher that will trigger when the sender
has set the advanced custom 1 property to "true" (without the quotes).

I also attached the complete config.xml so you can replace the existing
(make a backup first) with the new one without using the patch.

After replacing or modifying config.xml, you need to restart the back-end

sudo /etc/init.d/djigzo restart

After the restart set the advanced custom 1 property of the sending user
to "true" (without the quotes) to trigger PGP sign only for this sender.

Kind regards,

Martijn Brinkers

force-sign.patch (6.92 KB)

config.xml (133 KB)

--
CipherMail email encryption

Open source email encryption gateway with support for S/MIME, OpenPGP
and PDF messaging.

Twitter: http://twitter.com/CipherMail

Hello Martijn,

Many thanks for this patch, now it's working as requested.

I didn't know that "PGP sign only" is not implemented yet. I thought
this is a very basic operation.

Any idea when the next version which includes this will be released?

Regards
  Thomas

I didn't know that "PGP sign only" is not implemented yet. I
thought this is a very basic operation.

In principle it is, adding it only required some changes to
config.xml. The problem with PGP signing is that most recipients (in
general) do not know how to handle PGP signatures and that PGP signing
is mostly used by users who are already familiar with PGP. We did not
add signing yet because it might require changes to other parts of
config.xml as well. For example there are triggers to force signing.
Currently those triggers only trigger S/MIME signing. We are
investigating how to add PGP signing in a logical way to make it work
consistently.

Any idea when the next version which includes this will be
released?

We do not have a date yet. We will wait for some more feedback to the
latest release.

Kind regards,

Martijn Brinkers

Hello Martijn,

I patched the config.xml and then I get a signature. But this is like an attachment called signatur.asc.
I expect something like:

alice% gpg --clearsign doc

You need a passphrase to unlock the secret key for
user: "Alice (Judge) <alice(a)cyb.org>"
1024-bit DSA key, ID BB7576AC, created 1999-06-04

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[...]

Thanks Peter

How could I verify this signatur.asc?

gpg --verify signature.asc
gpg: no signed data
gpg: can't hash datafile: No data

cat signature.asc
-----BEGIN PGP SIGNATURE-----
Version: CIPHERMAIL (2.8.6-2)

[...]
=deNN
-----END PGP SIGNATURE-----

With PGP you have two ways to encode your message: PGP/MIME and
PGP/INLINE (also known as PGP traditional). PGP/MIME signs and/or
encrypts the complete MIME message. The main benefit of PGP/MIME is
that it better supports attachments and that HTML email is supported.
However some PGP clients do not support PGP/MIME and they require
PGP/INLINE. I guess you want PGP/INLINE and not PGP/MIME. The downside
of PGP/INLINE is that HTML email is not supported. There are hacks to
support HTML but it is a hack and currently not supported by
CipherMail. If a message only contains HTML, the HTML will be
converted to text before signing. Since PGP/MIME is generally advised,
PGP/MIME is set as the default encoding. To enable PGP/INLINE, set
"PGP encoding" to PGP/INLINE (this is for outgoing email, for incoming
email the equivalent setting is "Incoming PGP/INLINE enable").

BTW you can validate a PGP/MIME message on the command line by using
the complete MIME message (i.e., including attachments) as the input
to gpg.

Kind regards,

Martijn Brinkers
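
The "gpg: no signed data" error quoted above is what gpg reports when it is given only the detached signature file. As an added example (not code from this thread or from CipherMail), the Python below splits a PGP/MIME message (RFC 3156 multipart/signed) into the exact signed bytes and the armored signature so both can be passed to `gpg --verify`. The function name, the output file names and the sample message are assumptions made for illustration.

```python
import pathlib
import re
import sys

def split_pgp_mime(raw: bytes):
    """Return (signed_part, armored_signature) from a multipart/signed message."""
    # RFC 3156: the signature is verified over the canonical CRLF form.
    raw = re.sub(rb"\r?\n", b"\r\n", raw)
    headers, _, body = raw.partition(b"\r\n\r\n")
    # Unfold continuation lines so the whole Content-Type sits on one line.
    headers = re.sub(rb"\r\n[ \t]+", b" ", headers)
    ctype = re.search(rb"(?im)^content-type:\s*multipart/signed\b[^\r\n]*", headers)
    if not ctype or b"application/pgp-signature" not in ctype.group(0).lower():
        raise ValueError("not a PGP/MIME signed message")
    bnd = re.search(rb'boundary="?([^";\r\n]+)', ctype.group(0), re.I)
    if not bnd:
        raise ValueError("multipart/signed without a boundary")
    # The CRLF before a delimiter line belongs to the delimiter, not to the part.
    chunks = (b"\r\n" + body).split(b"\r\n--" + bnd.group(1))
    # chunks: preamble, signed part, signature part, "--" plus epilogue
    if len(chunks) != 4 or not chunks[3].startswith(b"--"):
        raise ValueError("expected exactly two body parts")
    signed = chunks[1].split(b"\r\n", 1)[1]  # drop the rest of the delimiter line
    sig = re.search(rb"-----BEGIN PGP SIGNATURE-----.*?-----END PGP SIGNATURE-----",
                    chunks[2], re.S)
    if not sig:
        raise ValueError("no armored signature in the second part")
    return signed, sig.group(0) + b"\r\n"

# Constructed sample; the signature body is a placeholder, not a real signature.
SAMPLE = (
    b"From: sender@example.org\n"
    b"Content-Type: multipart/signed; micalg=pgp-sha1;\n"
    b' protocol="application/pgp-signature"; boundary="b1"\n'
    b"\n--b1\n"
    b"Content-Type: text/plain\n\nhello\n\n"
    b"--b1\n"
    b"Content-Type: application/pgp-signature\n\n"
    b"-----BEGIN PGP SIGNATURE-----\n\nPLACEHOLDER\n-----END PGP SIGNATURE-----\n"
    b"--b1--\n"
)

if __name__ == "__main__":
    # Hypothetical file names; pass the raw saved message as the first argument.
    raw = pathlib.Path(sys.argv[1]).read_bytes() if len(sys.argv) > 1 else SAMPLE
    signed, sig = split_pgp_mime(raw)
    pathlib.Path("signed-part.bin").write_bytes(signed)
    pathlib.Path("signature.asc").write_bytes(sig)
    print("gpg --verify signature.asc signed-part.bin")
```

The signed part includes its own MIME headers; verifying only the visible body text fails even when the signature is valid.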

_______________________________________________ Users mailing list
Users(a)lists.djigzo.com
https://lists.djigzo.com/lists/listinfo/users
