15 Jul
2014
15 Jul
'14
12:55 a.m.
Hello,
i am new at ciphermail and am using the latester version 2.8.6-2 on a
Debian Squeeze machine.
I want to use a very simple setup: I want to sign all outgoing mails
from "tbals(a)sender.de" to any destination.
I first create a PGP keyring to one of my emailadresses. On the user
account I can see this key in "PGP -> signing key".
But when I sent a email to any address this mail is not signed.
I try to check and uncheck some parameters like "force signing header"
and "only sign when encrypt", but these parameters are only available in
S/MIME section, not for PGP
And its sill not working.
Any ideas? Attached some output of my djigzo.log.
I have only one user (tbals(a)sender.de) in Database.
Regards
Thomas
15 Jul
15 Jul
11:16 a.m.
On 07/15/2014 12:55 AM, Thomas Bäumer wrote:
i am new at ciphermail and am using the latester
version 2.8.6-2 on a
Debian Squeeze machine.
I want to use a very simple setup: I want to sign all outgoing mails
from "tbals(a)sender.de" to any destination.
I first create a PGP keyring to one of my emailadresses. On the user
account I can see this key in "PGP -> signing key".
But when I sent a email to any address this mail is not signed.
I try to check and uncheck some parameters like "force signing header"
and "only sign when encrypt", but these parameters are only available in
S/MIME section, not for PGP
And its sill not working.
Any ideas? Attached some output of my djigzo.log.
I have only one user (tbals(a)sender.de) in Database.
Hi Thomas,
PGP sign only was not (yet) added. It will be added to the next release
though. You can however add PGP signing by modifying config.xml
(config.xml describes the mail flow).
The attached patch will add a matcher that will trigger when the sender
has set the advanced custom 1 property to "true" (without the quotes).
I also attached the complete config.xml so you can replace the existing
(make a backup first) with the new one without using the patch.
After replacing or modifying config.xml, you need to restart the back-end
sudo /etc/init.d/djigzo restart
After the restart set the advanced custom 1 property of the sending user
to "true" (without the quotes) to trigger PGP sign only for this sender.
Kind regards,
Martijn Brinkers
--
CipherMail email encryption
Open source email encryption gateway with support for S/MIME, OpenPGP
and PDF messaging.
http://www.ciphermail.com
Twitter: http://twitter.com/CipherMail
2:44 p.m.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hello Martijn,
many thank you for this patch, now its working as requested.
I didn't know that "PGP sign only" is not implemented yet. I thought
this is a very basic operation.
Any idea when the next version which includes this will be released?
Regards
Thomas
I want to use
a very simple setup: I want to sign all outgoing
mails from "tbals(a)sender.de" to any destination.
Hi Thomas,
PGP sign only was not (yet) added. It will be added to the next
release though. You can however add PGP signing by modifying
config.xml (config.xml describes the mail flow). The attached
patch will add a matcher that will trigger when the sender has set
the advanced custom 1 property to "true" (without the quotes). I
also attached the complete config.xml so you can replace the
existing (make a backup first) with the new one without using the
patch. After replacing or modifying config.xml, you need to restart
the back-end
sudo /etc/init.d/djigzo restart
After the restart set the advanced custom 1 property of the
sending user to "true" (without the quotes) to trigger PGP sign
only for this sender. Kind regards, Martijn Brinkers -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQIcBAEBAgAGBQJTxSItAAoJEK8JqSCpxUahNKEP/iN8fZ2029K0MXLWEMMfcIOB
a4QnXvQP0OmRnIP55kKdbu05V5NBhkgLXG74YAjmSq5sDFX+3StUUO8EME7sZM0D
aJr1ZH1QfTWLZwC8t003TQOfRqgeF1ugYXAOrzvwPU57VT2ufzojkqwtPpyEYEb+
nEKC9hGpbyxRxHB6kavJuMZdszVnY55IpPObxXMtHpgAfp5+REgGpkbzE3vulRsz
nhFRbsg/r5RXXBGdDhmTxX//DdpC62EQ80AUtZLB5Y2puy1F4ceyiAIxi+yW4jKp
rlpAIF6w9pYU27l+Ct5ejjN/IdHy6OS6L/6EAIHfrEwQWIqYXh2uUAUNefKrSVA7
Ix49cR/zvjoYVkiJVqfURk7t7lAzovypEznIYf5/kc4MUScEXPuPzJ4KqkcuP8nw
bAOZmtw8DQ/iySXV3oRuwq/lIxjNGXLqgj9Bownyp2zjmOGgR1CxSItS0yX+3Han
WxAh9hXSwjRjQ6SiThERRq2KMclA3Y/X/N/XZarzXlUhL1Ay2jlka2XLUCO9CTWJ
b8shMWgxUOjR9xauCa/HdjoQ65DGEFXEoqBb56X6Diivg8GfFrnVq6h241D7nV69
jQtRGqoNCEy53yqOp+XOOX0L11Xu3Rx0Uj5B/Mdk1LGNPq5GQxY73l8yYOwhDJU3
OsBXx6q6oJMfgnf5usGT
=knTX
-----END PGP SIGNATURE-----
3:12 p.m.
On 07/15/2014 02:44 PM, Thomas Bäumer wrote:
In principle it is, adding it only required some changes to
config.xml. The problem with PGP signing is that most recipients (in
general) do not know how to handle PGP signatures and that PGP signing
is mostly used by users who are already familiar with PGP. We did not
add signing yet because it might require changes to other parts of
config.xml as well. For example there are triggers to force signing.
Currently those triggers only trigger S/MIME signing. We are
investigating how to add PGP signing in a logical way to make it work
consistently.
> I want to use a very simple setup: I want to
sign all outgoing
> mails from "tbals(a)sender.de" to any destination.
>
Hi Thomas,
PGP sign only was not (yet) added. It will be
added to the next
release though. You can however add PGP signing by modifying
config.xml (config.xml describes the mail flow). The attached
patch will add a matcher that will trigger when the sender has
set the advanced custom 1 property to "true" (without the
quotes). I also attached the complete config.xml so you can
replace the existing (make a backup first) with the new one
without using the patch. After replacing or modifying config.xml,
you need to restart the back-end
sudo /etc/init.d/djigzo restart
After the restart set the advanced custom 1
property of the
sending user to "true" (without the quotes) to trigger PGP sign
only for this sender. Kind regards, Martijn Brinkers
Hello Martijn,
many thank you for this patch, now its working as requested.
I didn't know that "PGP sign only" is not implemented yet. I
thought this is a very basic operation. Any idea when the next version which includes this
will be
released?
We do not have a date yet. We will wait for some more feedback to the
latest release.
Kind regards,
Martijn Brinkers
--
CipherMail email encryption
Open source email encryption gateway with support for S/MIME, OpenPGP
and PDF messaging.
http://www.ciphermail.com
Twitter: http://twitter.com/CipherMail
17 Jul
17 Jul
9:31 p.m.
Hello Martijn,
I patched the config.xml and than I get a Signatur. But this is like an attachment called
signatur.asc
I expect something like:
alice% gpg --clearsign doc
You need a passphrase to unlock the secret key for
user: "Alice (Judge) <alice(a)cyb.org>"
1024-bit DSA key, ID BB7576AC, created 1999-06-04
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
[...]
In principle it is, adding it only required some changes to
config.xml. The problem with PGP signing is that most recipients (in
general) do not know how to handle PGP signatures and that PGP signing
is mostly used by users who are already familiar with PGP. We did not
add signing yet because it might require changes to other parts of
config.xml as well. For example there are triggers to force signing.
Currently those triggers only trigger S/MIME signing. We are
investigating how to add PGP signing in a logical way to make it work
consistently.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v0.9.7 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iEYEARECAAYFAjdYCQoACgkQJ9S6ULt1dqz6IwCfQ7wP6i/i8HhbcOSKF4ELyQB1
oCoAoOuqpRqEzr4kOkQqHRLE/b8/Rw2k
=y6kj
-----END PGP SIGNATURE-----
How could I verify this signatur.asc?
gpg --verify signature.asc
gpg: no signed data
gpg: can't hash datafile: No data
cat signature.asc
-----BEGIN PGP SIGNATURE-----
Version: CIPHERMAIL (2.8.6-2)
iQIcBAABCgAGBQJTx/FgAAoJEFsAK2UosMjTdUoP/j7NjGvuu5/z4rcoc0HlVeO3
idTGpdhaPmOc/j5zzl9x7QXOMP5zcw9/MAouF5iUaVpB9oZ+Gs1aVKndljkHSTQN
JFwwixD8fsWprU+ixGjMBufXYflrkTIBqMCTlLnMfXWjzJvz+IJYRZ16n5b/Wseb
Ofui/Zv/4JoxAC+Il+gmNWHvOuupj6Qav6x0pCTVr8c4CvvZsU6n14uEpwjSDO5d
Fu8CrCC50OpSz0OA00kWHNPJQnPkErTIRszFtK217+6e7MfRjWaCH9WwWMNRj+//
TKHhcHVHPYc5Ob7A8leTpXoi6Rus7IEeEloSXIlpIAUtDkACnmQcM2eQ/Mrvu9MI
YTu2HESWvj/MB5023oKHdVH4mCjRRktJ5AK2GAleSTfzDUiVkhLHlATNKs7QmnEq
AD7wSqGSGWkQFBhgirf+7JZswbitZsnzf0Mqwa/IIylOzBkbg/1eQP6Adi4+OGuQ
/KVJIANafUQ2rC8sWpwMX1JFvGASDsXd/OGYz4iwQCUSSCXEpN+JGTSqZ3sjtztn
s8FB5ijtUL9ZAVUcU2BcCPXisZR5SBxfHvgXuhfRoLnHS6iytnmPvgZOrTak1xD+
BMjdg1e4yeFD9A36i7QuUTrvHleKGAYCcwKjXIj+pv5wfeARDAUrv+w4mU9bm66t
VoovSmWdPgKs0Ph6ai9O
=deNN
-----END PGP SIGNATURE-----
Thanks Peter
________________________________________
Von: users-bounces(a)lists.djigzo.com [users-bounces(a)lists.djigzo.com]&quot; im Auftrag
von "Martijn Brinkers [martijn(a)djigzo.com]
Gesendet: Dienstag, 15. Juli 2014 15:12
An: users(a)lists.djigzo.com
Betreff: Re: [Djigzo users] force sign all outgoing mails
On 07/15/2014 02:44 PM, Thomas Bäumer wrote:
> I want to use a very simple setup: I want to
sign all outgoing
> mails from "tbals(a)sender.de" to any destination.
>
Hi Thomas,
PGP sign only was not (yet) added. It will be
added to the next
release though. You can however add PGP signing by modifying
config.xml (config.xml describes the mail flow). The attached
patch will add a matcher that will trigger when the sender has
set the advanced custom 1 property to "true" (without the
quotes). I also attached the complete config.xml so you can
replace the existing (make a backup first) with the new one
without using the patch. After replacing or modifying config.xml,
you need to restart the back-end
sudo /etc/init.d/djigzo restart
After the restart set the advanced custom 1
property of the
sending user to "true" (without the quotes) to trigger PGP sign
only for this sender. Kind regards, Martijn Brinkers
Hello Martijn,
many thank you for this patch, now its working as requested.
I didn't know that "PGP sign only" is not implemented yet. I
thought this is a very basic operation. Any idea when the next version which includes this
will be
released?
We do not have a date yet. We will wait for some more feedback to the
latest release.
Kind regards,
Martijn Brinkers
--
CipherMail email encryption
Open source email encryption gateway with support for S/MIME, OpenPGP
and PDF messaging.
http://www.ciphermail.com
Twitter: http://twitter.com/CipherMail
_______________________________________________
Users mailing list
Users(a)lists.djigzo.com
https://lists.djigzo.com/lists/listinfo/users
9:42 p.m.
On 07/17/2014 09:31 PM, Peter Haufschild wrote:
Hello Martijn,
I patched the config.xml and than I get a Signatur. But this is
like an attachment called signatur.asc I expect something like:
alice% gpg --clearsign doc
You need a passphrase to unlock the secret key for user: "Alice
(Judge) <alice(a)cyb.org>" 1024-bit DSA key, ID BB7576AC, created
1999-06-04
[...]
How could I verify this signatur.asc?
gpg --verify signature.asc gpg: no signed data gpg: can't hash
datafile: No data
With PGP you have two
ways to encode your message: PGP/MIME and
PGP/INLINE (also known as PGP traditional). PGP/MIME signs and/or
encrypts the complete MIME message. The main benefit of PGP/MIME is
that it better supports attachments and that HTML email is supported.
However some PGP clients do not support PGP/MIME and they require
PGP/INLINE. I guess you want PGP/INLINE and not PGP/MIME. The downside
of PGP/INLINE is that HTML email is not supported. There are hacks to
support HTML but it is a hack and currently not supported by
Ciphermail. If a message only contains HTML, the HTML will be
converted to text before signing. Since PGP/MIME is generally advised,
PGP/MIME is set as the default encoding. To enable PGP/INLINE, set
"PGP encoding" to PGP/INLINE (this is for outgoing email, for incoming
email the equivalent setting is "Incoming PGP/INLINE enable").
BTW you can validate a PGP/MIME message on the command line by using
the complete MIME message (i.e., including attachments) as the input
to gpg.
Kind regards,
Martijn Brinkers
cat signature.asc -----BEGIN PGP SIGNATURE----- Version: CIPHERMAIL
(2.8.6-2)
iQIcBAABCgAGBQJTx/FgAAoJEFsAK2UosMjTdUoP/j7NjGvuu5/z4rcoc0HlVeO3
idTGpdhaPmOc/j5zzl9x7QXOMP5zcw9/MAouF5iUaVpB9oZ+Gs1aVKndljkHSTQN
JFwwixD8fsWprU+ixGjMBufXYflrkTIBqMCTlLnMfXWjzJvz+IJYRZ16n5b/Wseb
Ofui/Zv/4JoxAC+Il+gmNWHvOuupj6Qav6x0pCTVr8c4CvvZsU6n14uEpwjSDO5d
Fu8CrCC50OpSz0OA00kWHNPJQnPkErTIRszFtK217+6e7MfRjWaCH9WwWMNRj+//
TKHhcHVHPYc5Ob7A8leTpXoi6Rus7IEeEloSXIlpIAUtDkACnmQcM2eQ/Mrvu9MI
YTu2HESWvj/MB5023oKHdVH4mCjRRktJ5AK2GAleSTfzDUiVkhLHlATNKs7QmnEq
AD7wSqGSGWkQFBhgirf+7JZswbitZsnzf0Mqwa/IIylOzBkbg/1eQP6Adi4+OGuQ
/KVJIANafUQ2rC8sWpwMX1JFvGASDsXd/OGYz4iwQCUSSCXEpN+JGTSqZ3sjtztn
s8FB5ijtUL9ZAVUcU2BcCPXisZR5SBxfHvgXuhfRoLnHS6iytnmPvgZOrTak1xD+
BMjdg1e4yeFD9A36i7QuUTrvHleKGAYCcwKjXIj+pv5wfeARDAUrv+w4mU9bm66t
VoovSmWdPgKs0Ph6ai9O =deNN -----END PGP SIGNATURE-----
Von: users-bounces(a)lists.djigzo.com
[users-bounces(a)lists.djigzo.com]&quot; im Auftrag von "Martijn
Brinkers [martijn(a)djigzo.com] Gesendet: Dienstag, 15. Juli 2014
15:12 An: users(a)lists.djigzo.com Betreff: Re: [Djigzo users] force
sign all outgoing mails
On 07/15/2014 02:44 PM, Thomas Bäumer wrote:
In principle it is, adding it only required some changes to
config.xml. The problem with PGP signing is that most recipients
(in general) do not know how to handle PGP signatures and that PGP
signing is mostly used by users who are already familiar with PGP.
We did not add signing yet because it might require changes to
other parts of config.xml as well. For example there are triggers
to force signing. Currently those triggers only trigger S/MIME
signing. We are investigating how to add PGP signing in a logical
way to make it work consistently.
--
CipherMail email encryption
Open source email encryption gateway with support for S/MIME, OpenPGP
and PDF messaging.
http://www.ciphermail.com
Twitter: http://twitter.com/CipherMail
> I want to use a very simple setup: I want to
sign all
> outgoing mails from "tbals(a)sender.de" to any destination.
>
Hi Thomas,
PGP sign only was not (yet) added. It will be
added to the
next release though. You can however add PGP signing by
modifying config.xml (config.xml describes the mail flow). The
attached patch will add a matcher that will trigger when the
sender has set the advanced custom 1 property to "true"
(without the quotes). I also attached the complete config.xml
so you can replace the existing (make a backup first) with the
new one without using the patch. After replacing or modifying
config.xml, you need to restart the back-end
sudo /etc/init.d/djigzo restart
After the restart set the advanced custom 1
property of the
sending user to "true" (without the quotes) to trigger PGP
sign only for this sender. Kind regards, Martijn Brinkers
Hello Martijn,
many thank you for this patch, now its working as requested.
I didn't know that "PGP sign only" is not implemented yet. I
thought this is a very basic operation. Any idea when the next version which includes
this will be
released?
We do not have a date yet. We will wait for some more feedback to
the latest release.
Kind regards,
Martijn Brinkers
-- CipherMail email encryption
Open source email encryption gateway with support for S/MIME,
OpenPGP and PDF messaging.
http://www.ciphermail.com
Twitter: http://twitter.com/CipherMail
_______________________________________________ Users mailing list
Users(a)lists.djigzo.com
https://lists.djigzo.com/lists/listinfo/users
_______________________________________________ Users mailing list
Users(a)lists.djigzo.com
https://lists.djigzo.com/lists/listinfo/users
2860
days inactive
2863
days old
5 comments
3 participants
participants (3)
-
Martijn Brinkers -
Peter Haufschild -
Thomas Bäumer