[Djigzo users] all outgoing Messages are PDF encrypted

Martijn Brinkers martijn at djigzo.com
Thu Apr 15 12:10:11 CEST 2010


flo wrote:

 >> What happens if you set "Encrypt Mode" to "No Encryption"? If the
 >> sender or the recipient has "No Encryption" for encrypt mode the
 >> message should not be PDF encrypted.
 > Ah, okay. I had misunderstood it.

The MPA mailflow flowchart can sometimes be helpful to see why the 
gateway reacts in certain ways (see appendix E of the administration guide).

 >> I will put it on the development agenda. If you really need it soon
 >> you can manually configure config.xml and add a trigger for a
 >> certain header.
 > Great! Dont hurry. I'll try it configuring config.xml.

You can add the following mailet/matcher rule to 
/etc/djigzo/james/config.xml:

<mailet 
match="HeaderValueRegEx=matchOnError=false,X-Djigzo-Force-Encrypt=(?i)true" 
class="SetAttributes">
     <log> Sender encrypt mode is mandatory </log>
     <!-- message must be encrypted -->
     <runtime.mustEncrypt> true </runtime.mustEncrypt>
</mailet>


This will force encryption if the following header is present in 
outgoing email:

X-Djigzo-Force-Encrypt: true

You can change the header name that triggers it and the regular 
expression (the expression comes after the header name).

You should add the mailet/matcher rule in the "external" processor just 
below the "IsSMIME" matcher.

I have attached the config.xml file with the added mailet/matcher rule.

Kind regards,

Martijn Brinkers

flo wrote:
> Hi Martijn,
> 
> Thank's for the answer.
> 
>>> We are using Djigzoo Version: 1.3.2-1. Built: 2010-03-29-10:20.
>>> All en/decryption with keys run perfect. But if we use "Send to
>>> originator" switch then all outgoing Mails are PDF encrypted (for all
>>> Recipients without certificate) - no matter of "Encrypt Mode".
>>> Did I configure somewhat wrongly?
>> What happens if you set "Encrypt Mode" to "No Encryption"? If the sender
>> or the recipient has "No Encryption" for encrypt mode the message should
>> not be PDF encrypted.
> Ah, okay. I had misunderstood it.
> 
>>> Another Question:
>>> Is it possible to use a "Force encryption trigger" like "Force signing
>>> trigger" for Headers?
>> So you want the same functionality as "Force signing trigger" but now it
>> should force the encryption?
> That's exactly what I want!
> 
>> I will put it on the development agenda. If you really need it soon you
>> can manually configure config.xml and add a trigger for a certain header.
> Great! Dont hurry. I'll try it configuring config.xml.
> 
> Thank's a lot!
> 
> Kind regards,
> 
> Florian Reinecke
> 
>> Users mailing list
>> Users at lists.djigzo.com
>> http://lists.djigzo.com/lists/listinfo/users
> 


-- 
Djigzo open source email encryption
-------------- next part --------------
A non-text attachment was scrubbed...
Name: config.xml
Type: text/xml
Size: 78749 bytes
Desc: not available
URL: <http://lists.ciphermail.com/pipermail/users/attachments/20100415/4d4b9e4f/attachment-0001.xml>


More information about the Users mailing list