Looking at doing a project and have played with Djigzo for a few hours
(On CentOS5) and am trying to figure out if it will work for our
needs. It is not looking promising. I'm using Thunderbird here in
1) I can't seem to figure out how to get every user's SMIME cert to
every other user. Example: I've created johnny(a)bar.baz and
sammy(a)bar.baz. I created the internal CA, created a cert for both of
them and imported it. But, at that point, how do I send an encrypted
message between Johnny and Sammy? Without Sammy having Johnny's keys
and vice-versa, there isn't a way to encrypt the outgoing message. On
the certificates page, there is an option to "download all keys." But
aren't these the private keys? I wouldn't want every user to have
every user's private keys.
2) Is there any way to prevent Djigzo from DEcrypting incoming messages?
Essentially, here's what I'm looking for:
-- All messages in a user's mail folders are SMIME encrypted.
-- Any incoming mail that is SMIME encrypted for that user passes untouched.
-- Any incoming mail that is unencrypted is encrypted by Djigzo using
the user's own key.
-- Any outgoing mail that is encrypted is untouched
-- Any outgoing mail that is unencrypted is untouched.
I think that Djigzo ends up being total overkill in this situation?