with the new Chipermail one can set the ciphers used by S/MIME for
signing and encryption in the GUI settings. This lead to the question
if there are any real life experience how many clients are still not
supporting rfc5751 from 2010 and will therefore not be able to
verify/decrypt mail signed with sha-256 or crypted with AES?
Windows up from XP-SP3 and Outlook 2003 are ok, latest Thunderbird
also no Problem. We are especially interested in feedback about other
Gateway Products and Mobile Clients.
as of today i started with the new Ciphermail release. We got bitten
by a missing custom processor we use for integrating AV scan on the
same maschine. Until now we simply have a xml with the following
This file will be included by config.xml. You can add all your
Example internal transport. Can be used when you want to treat
mail for internal
and external users differently.
<mailet match="All" class="Log">
<comment> transport </comment>
<logDetail> middle </logDetail>
<mailet match="All" class="RemoteDelivery">
<outgoing> file://var/mail/outgoing-internal/ </outgoing>
<delayTime> 10 secs </delayTime>
<delayTime> 20 secs </delayTime>
<delayTime> 1 minute </delayTime>
<delayTime> 2 minutes </delayTime>
<delayTime> 5 minutes </delayTime>
<delayTime> 10 minutes </delayTime>
<maxRetries> 725 </maxRetries>
<deliveryThreads> 2 </deliveryThreads>
<sendpartial> true </sendpartial>
<bounceProcessor> bounces </bounceProcessor>
<xForward> true </xForward>
<gateway> 127.0.0.1 </gateway>
<gatewayPort> 10027 </gatewayPort>
which was loaded in config.xml and referenced in
internal_remote_delivery_processor.xml like this:
The processor to use for remote delivery of internal email. By default the
remote delivery transport of internal email will be the same as for
<processor> transport </processor>
<!-- Example: Use custom-remote-delivery-internal specified in
<processor> custom-remote-delivery-internal </processor>
From my understandig it should be enough to move our custom_processor
xml file to custom-processors.d to get it included automatically, no?
This does not work, the processor was still missing and
custom_processors.xml stayed empty. Our workaround was to alter
config.xml to reference our file instead custom_processors.xml :-(
Any idea what is wrong?
what does DTO stand for? (for example: UserDTO)
Also I am trying to set the locality for a user in Java to use it via CLI and I can’t find the function that lets me do that. Where do I do that best?
Thanks in advance!
PS: ciphermail is great news!! Cant wait to try it out.
On 06/19/2014 11:55 AM, Romeo Sulzer wrote:
> Is it possible to configure a separate Subject Trigger specifically for PDF
> encryption? Basically I'd like to give the user the option to either
> encrypt a message using S/MIME or PDF on a case by case basis. Sometimes
> there is a need to send a PDF encrypted message, even if the certificates
> for S/MIME encryption would be present.
This is possible but you need to add a custom rule to the mail flow
definition file (config.xml). You should add the check for a subject
just before doing the S/MIME encryption.
For example add a mailet/matcher somewhere just before checking whether
S/MIME is enabled.
Example (not tested)
<log> PDF encryption forced </log>
<processor> checkPDFEncrypt </processor>
The part (?i)\[\s*pdfencrypt\s*\] is a regular expression that is
triggered when pdfencrypt between [ and ] is found in the subject. If
so, it jumps to checkPDFEncrypt.
It's not hard to add to config.xml but you should familiarize yourself
first how config.xml is built-up before adding the rule.
Ciphermail email encryption