Hi people,
I'm having trouble sending encrypted PGP emails to the user of key with
ID 0xd465eef3f810745c (attached). I have imported and trusted it in
Ciphermail, and then tried to send test emails with no success.
At first I thought it was something related with the "é" or "()"
characters ("e" with a tilde), but I created a test PGP key with similar
characters in it, and everything worked fine with the test key.
My personal PGP key (0xaa976e29616d42d4) when imported in Ciphermail
shows in exactly the same way as the problematic one (except the
obviousfields: fingerprint, associated emails, dates, etc.), but test
emails addressed to both keys work fine for my key but not for the other.
Any ideas on what's special about this key that may prevent it from
working correctly?
Thanks
Jorge
--
*Jorge Gonzalez Villalonga*
Systems Engineer
*The International Consortium of Investigative Journalists*
<https://www.icij.org>
1710 Rhode Island Ave NW, 11th floor | Washington DC 20036 | United States
Phone: +34 672 173 200 (Madrid, Spain)
Hi,
during the past years we "updated" CipherMail installations by installing a new virtual machine and imported the backup of the running system.
But what about performing an in-place update?
Let's say we have version 4.5 running with the following packages installed:
djigzo-network-4.5.0-0.noarch
djigzo-web-4.5.0-0.noarch
djigzo-log-4.5.0-0.noarch
djigzo-web-network-4.5.0-0.noarch
djigzo-web-log-4.5.0-0.noarch
djigzo-gateway-console-4.5.0-0.noarch
djigzo-4.5.0-0.noarch
Installing the rpm packages for version 4.11 (rpm -U djigzo-4.11.0-0.noarch.rpm djigzo-web-4.11.0-0.noarch.rpm) only updates two packages in that list:
djigzo-network-4.5.0-0.noarch
djigzo-web-4.11.0-0.noarch <----- !!
djigzo-log-4.5.0-0.noarch
djigzo-web-network-4.5.0-0.noarch
djigzo-web-log-4.5.0-0.noarch
djigzo-gateway-console-4.5.0-0.noarch
djigzo-4.11.0-0.noarch <----- !!
Should I be concerned about the mix of version? May it cause any trouble?
Thanks for any suggestions or comments,
Stefan
Hi!
I'm trying to update Ciphermail from version 4.8.0 to the latest 5.0.2.
Since we use Exim, and the DEB-Packages require Postfix, I downloaded the TAR.GZ files.
I extracted them and started djigzo.
Unfortunately it does not start and in james.wrapper.log I see these errors:
07 Jun 2021 10:00:21 | INFO Loading XML bean definitions from file [/opt/djigzo/conf/spring/jms.xml] (org.springframework.beans.factory.xml.XmlBeanDefinitionReader) [Phoenix-Monitor]
org.apache.avalon.phoenix.containerkit.lifecycle.LifecycleException: Component named "djigzo" failed to pass through the Parameterizing stage. (Reason: org.springframework.beans.factory.parsing.BeanDefinitionParsingException: Configuration problem: Failed to import bean
definitions from relative location [jms.xml]
Offending resource: file [/opt/djigzo/conf/spring/djigzo.xml]; nested exception is org.springframework.beans.factory.xml.XmlBeanDefinitionStoreException: Line 1 in XML document from file [/opt/djigzo/conf/spring/jms.xml] is invalid; nested exception is org.xml.sax.SAXPar
seException; systemId: http://activemq.apache.org/schema/core/activemq-core.xsd; lineNumber: 1; columnNumber: 50; White spaces are required between publicId and systemId.).
at org.apache.avalon.phoenix.containerkit.lifecycle.LifecycleHelper.fail(LifecycleHelper.java:354)
at org.apache.avalon.phoenix.containerkit.lifecycle.LifecycleHelper.startup(LifecycleHelper.java:226)
at org.apache.avalon.phoenix.components.application.DefaultApplication.startup(DefaultApplication.java:530)
at org.apache.avalon.phoenix.components.application.DefaultApplication.doRunPhase(DefaultApplication.java:478)
at org.apache.avalon.phoenix.components.application.DefaultApplication.runPhase(DefaultApplication.java:409)
at org.apache.avalon.phoenix.components.application.DefaultApplication.start(DefaultApplication.java:180)
at org.apache.avalon.framework.container.ContainerUtil.start(ContainerUtil.java:260)
at org.apache.avalon.phoenix.components.kernel.DefaultKernel.startup(DefaultKernel.java:295)
at org.apache.avalon.phoenix.components.kernel.DefaultKernel.addApplication(DefaultKernel.java:376)
at org.apache.avalon.phoenix.components.deployer.DefaultDeployer.deploy(DefaultDeployer.java:357)
at org.apache.avalon.phoenix.components.embeddor.DefaultEmbeddor.deployFile(DefaultEmbeddor.java:542)
at org.apache.avalon.phoenix.components.embeddor.DefaultEmbeddor.deployFile(DefaultEmbeddor.java:535)
at org.apache.avalon.phoenix.components.embeddor.DefaultEmbeddor.deployFiles(DefaultEmbeddor.java:520)
at org.apache.avalon.phoenix.components.embeddor.DefaultEmbeddor.deployDefaultApplications(DefaultEmbeddor.java:509)
at org.apache.avalon.phoenix.components.embeddor.DefaultEmbeddor.execute(DefaultEmbeddor.java:268)
at org.apache.avalon.phoenix.frontends.CLIMain.run(CLIMain.java:198)
at java.lang.Thread.run(Thread.java:748)
Caused by: org.springframework.beans.factory.parsing.BeanDefinitionParsingException: Configuration problem: Failed to import bean definitions from relative location [jms.xml]
The file jms.xml is the original one from the TAR.GZ and, as I checked, from the DEB-Packages, too.
Can someone help me?
Thanks a lot
Luca
Hi,
I was wondering if it's possible to send HTML encoded PDF encrypted e-mail. I noticed that embedded images in the e-mail do not show up. Is this an issue with the PDF viewer or ciphermail not processing HTML e-mail? Is it a security issue?
Thanks in advance
Dear All,
I can confirm that a MariaDB Galera cluster does work well. My own experience is from being a two location SOHO user. I run mailservers on both premises. My outbound mail is 50:50 from both locations and my inbound mail is ca. 95:5. My setup from an outside perspective is an ASSP server first, then a ChipherMail server and then a Kopano Mailserver. I have a three node MariaDB Galera cluster based on standard Debian 10 packages on three virtual machines, two in my primary location and one in the secondary location. The OpenVPN connection is performing sufficiently well for the cluster.
Regards,
Michael Schefczyk
-----Ursprüngliche Nachricht-----
Von: Martijn Brinkers via Users <users(a)lists.ciphermail.com>
Gesendet: Mittwoch 2 Juni 2021 10:51
An: users(a)lists.ciphermail.com
CC: tbahn(a)assono.de; Martijn Brinkers <martijn(a)ciphermail.com>
Betreff: [CipherMail User] Re: Two sites, two CipherMail servers, two database servers - what's the simple(st) solution?
On Tue, 2021-06-01 at 05:24 +0000, tbahn--- via Users wrote:
> We have two sites each with an MTA and MX record. We think about
> introducing CipherMail into our infrastructure.
>
> Obviously, there is a way using MariaSQL/MySQL and Galera Cluster,
> HAproxy, ... to create a "real" cluster. With at least three nodes
> and a lot of overhead, this seems to be a little too much for our use
> case.
>
> I thought of a solution with PostgreSQL, backup, transfer backup to
> the other site, restore there, automated as a cron job.
> Configuration would only be possible on the "master" site, but that's
> okay.
> The database on the "slave" site would be overwritten regularly.
>
> In your opinion, what do you think would be a simple solution for my
> use case?
> Would my idea even work?
The best setup is to use a master/master database like Galera. If you
use a primary and secondary server, you need to make sure you never
write data to the secondary server because that will be overwritten
when the primary server syncs to the secondary server.
The secondary server will add or update the database in various cases.
For example if you receive digitally signed email, the certificate will
be extracted and added to the database. Or, if you send a PDF encrypted
email with the password auto-generated, a user object for the recipient
will be added. If this happens on the secondary server, those changes
will be overwritten.
The best setup is therefore to use a master/master database.
If you use a primary/secondary database, make sure all database changes
are applied to the primary database. This requires that a fail-over is
done to the secondary when the primary fails.
If you can be certain that changes are only applied to one database
(primary), then you can periodically sync the primary to the secondary
database without fail-over.
Kind regards,
Martijn Brinkers
--
CipherMail email encryption
Email encryption with support for S/MIME,
OpenPGP, PDF Messenger and Webmail Messenger
We have two sites each with an MTA and MX record. We think about introducing CipherMail into our infrastructure.
Obviously, there is a way using MariaSQL/MySQL and Galera Cluster, HAproxy, ... to create a "real" cluster. With at least three nodes and a lot of overhead, this seems to be a little too much for our use case.
I thought of a solution with PostgreSQL, backup, transfer backup to the other site, restore there, automated as a cron job.
Configuration would only be possible on the "master" site, but that's okay.
The database on the "slave" site would be overwritten regularly.
In your opinion, what do you think would be a simple solution for my use case?
Would my idea even work?