On 08/12/2014 10:29 PM, Stephane wrote:
I have been running my first deployment of ciphermail/djigzo for a
few days, and I like it a lot.
I managed to configure pretty much everything how I wanted, but there
is one thing which I could not find: is it possible to instruct the
MPA not to decrypt incoming emails even if it has the correct private
key to do it?
My use case is the following: I would like to use ciphermail to
enforce outbound encryption and signature. On the other hand for
inbound messages there is no enforcement of receiving only encrypted
emails. However if received emails are encrypted I would like this to
be more visible to users than just via the headers (as would be the
case if decryption is done at MPA), and also ensure a maximum
security in keeping the secrecy as close to the reader client as
possible. I do not need virus/spam checking for encrypted messages at
the gateway level.
The gateway has been configured to always decrypt if there is a private
key available. In your case there are a couple of options. One option
would be to not relay email for your incoming domains through the
ciphermail gateway. Whether or not this works depends on your email
setup. Another option would be to change the mail flow. The complete
mail handling is described in the file config.xml. You can disable or
side-step the decryption part.
One other reason for the request is that I suspect a
bug, or at least
an incompatibility with signed+encrypted messages that get
incorrectly transformed into a message with a single attachment
called smime.p7m which the webmail cannot identify. This occurs every
time I receive a signed+encrypted email generated at the external
sender from outlook through ciphermail and have cipermail decrypt the
message (my server is set to not remove signature from messages -
again I want users to have a maximum visibility of what happens to
their communications). This was raised previously to this list (july
21st) but I could not see a final answer.
This is not a bug but caused by the signing format of the sender. S/MIME
signatures come in two flavours: opaque signed and clear text signed.
With an opaque signature the message is encoded in a way that only an
S/MIME capable reader can show the message. An opaque message has an
smime.p7m attachment. The smime.p7m attachment is not encrypted and can
be opened with an S/MIME capable reader without requiring the private
key, With S/MIME clear signing the message is a normal message with an
smime.p7s attachment and can be viewed by a normal email client. Outlook
for example uses opaque signing when the message is signed and
encrypted. Therefore after encryption, the message will be an opaque
signed message with the smime.p7m attachemnt, Since you talk about
webmail I guess your webmail client does not know how to decode the
signed smime.p7m attachment. The workaround is to enable "remove
signature" option since this will convert the signed smime.p7m into a
PS you send the message with a different email address than the email
address you are registered with to the mailing list.
CipherMail email encryption
Open source email encryption gateway with support for S/MIME, OpenPGP
and PDF messaging.