On 06/11/2012 09:07 AM, Uwe Schneider wrote:
the system is working pretty fine. Removing signatures and decrypting at the gateway
hides all SMIME stuff from the MUA.
The header records what actually happend.
But right now, one point is missing for me. Imagine a user has an internal policy to
verify, that the message between him and a particular remote has be signed or even
Digzo hides all these stuff, this if fine. But is there a possibility to trigger a footer
in dependence of SMIME actions? If incoming message signature is removed, the footer would
attest, that it was signed; same with encryption.
I cannot find any possibilty to set a footer in dependence of removing and decrypting
Adding a footer is actually not a trivial task. What to do for example
if the message is an HTML only message? Add the footer somewhere to the
HTML? Add a text attachment? Another possible problem with a footer is
that it can easily be spoofed by the sender. The sender can add a footer
without encrypting the email.
With that said :), the 2.4.0 release has the option to add information
to the subject whether the message was signed and/or encrypted and
whether the signature was trusted. Although this can still be spoofed,
you use the subject filter to remove all security info tags for incoming
email before handling the email.
Hope this might be what you are looking for
DJIGZO email encryption