Ben Johnson
2013-Jun-13 19:19 UTC
[Dovecot] Auto-responder to handle unencrypted (and/or unsigned) email messages whose origin is not localhost
Hi, everyone, I'm surprised how little exists on the Internet regarding this particular subject. Given the recent headlines, that is about to change, I'm sure. I have a need to send an automated response to all senders who attempt to send unencrypted and/or unsigned email to a specific mailbox on my system. (Messages originating from localhost should be exempt.) I would like for the auto-reply to include a customized message with the appropriate public PGP key contained therein. Has anyone accomplished this? If not, some basic theory as to how one might go about achieving this would be greatly appreciated. Perhaps this is a job for Dovecot's "sieve_before" directive. Would this simply be a matter of checking the message body for the expected patterns, e.g., starts with "----- BEGIN PGP MESSAGE -----", etc., etc. and sending an automated reply with the public key if the expected strings are not present? Any additional thoughts would be very helpful! Thank you in advance, -Ben
Ben Johnson
2013-Jun-13 20:58 UTC
[Dovecot] Auto-responder to handle unencrypted (and/or unsigned) email messages whose origin is not localhost
On 6/13/2013 3:19 PM, Ben Johnson wrote:> Hi, everyone, > > I'm surprised how little exists on the Internet regarding this > particular subject. Given the recent headlines, that is about to change, > I'm sure. > > I have a need to send an automated response to all senders who attempt > to send unencrypted and/or unsigned email to a specific mailbox on my > system. (Messages originating from localhost should be exempt.) > > I would like for the auto-reply to include a customized message with the > appropriate public PGP key contained therein. > > Has anyone accomplished this? If not, some basic theory as to how one > might go about achieving this would be greatly appreciated. > > Perhaps this is a job for Dovecot's "sieve_before" directive. Would this > simply be a matter of checking the message body for the expected > patterns, e.g., starts with "----- BEGIN PGP MESSAGE -----", etc., etc. > and sending an automated reply with the public key if the expected > strings are not present? > > Any additional thoughts would be very helpful! > > Thank you in advance, > > -Ben >I was able to fulfill the objective with a sieve script. The only nuances are the inability to control the subject line of the automated reply (it always reads, "Automatically rejected mail"), and Sieve warnings that the "reject" action conflicts with the "keep" action. The only real improvement would be to use the "sieve_extprograms" plug-in to send the automated reply using sendmail or similar. Then, the contents of the automated reply could be controlled entirely, and the Sieve warnings regarding conflicting actions would disappear. Happy to answer any questions regarding implementation details. --Ben
Benny Pedersen
2013-Jun-14 23:52 UTC
[Dovecot] Auto-responder to handle unencrypted (and/or unsigned) email messages whose origin is not localhost
Ben Johnson skrev den 2013-06-13 21:19:> Any additional thoughts would be very helpful!is opendkim not good ?, but yes its not encryption, but signing only, does vacation go out in wild to be untrusted sender ?, why would anyone talk about vacation to maillists ?, its a bit of paranoid, but i like to be home when friends take a visit -- senders that put my email into body content will deliver it to my own trashcan, so if you like to get reply, dont do it