Suggestion:
Ability to add a possibility to download public keys automatically via a header trigger, like the signing trigger and encryption trigger.
This configuration setting could be that it allows you to specify header name, and then one regexp that will cause the Ciphermail to download the public key if it matches, however, if 2 headers is found with the same header name as the one specified, Ciphermail, will NOT download public keys.
The idea behind not downloading if 2 headers of the same name is found, is to prevent a rogue entity to add such a header in a incoming mail. The idea is then that the validation software, that the system administrator uses to decide if a public key should be downloaded or not, can specify, lets say a example: “X-PGP-Download-Key: yes” or “X-PGP-Download-Key: no” (Header name: “X-PGP-Download-Key”, Regexp: “/^yes$/”), and thus if a rogue entity tries to add “X-PGP-Download-Key: yes”, and the validation software does NOT support removing fraudulent headers, then the mail will end up with one “X-PGP-Download-Key: yes” and one “X-PGP-Download-Key: no” in case validation failed, else 2 identical “X-PGP-Download-Key: yes” headers, thus Ciphermail can ignore these duplicate headers, preventing DoS.
Of course, there should be a setting to remove the header too, and then it will remove the named header regardless of if it matched the regexp or not.
This would allow the administrator to set up limits to prevent DoS, for example, the system administrator could configure the SPF/DKIM validating software, to add this header in the first 5 unique mails for a specific domain, and only once per unique mail sender, and only for mail that passes either SPF or DKIM, or both.
Or the system administrator could add so only the first mail containing “-----BEGIN PGP SIGNATURE-----” line, each 30 minutes will trigger a key download, thus preventing DoS, if someone would start flooding the server.