Austin Witmer
2021-Dec-08 02:38 UTC
Force clients to use pgp encryption when sending email?
Hello all! I am looking for a way to force imap clients to encrypt their messages with the public keys of the recipients before sending them. Would a post-login script in dovecot work for something like this? I am using postfix and dovecot on my mail server.

Basically I want the server to check if the message being sent is encrypted with OpenGPG and either proceed or reject the message based on that criteria. If the message is rejected, the user could then encrypt the outgoing email message with the recipient public key and try again.

Does anybody have a suggestion on how to implement something like this? Would there be a way that the client software (thunderbird) could show an alert asking the user to encrypt the message and then attempt to resend the message?

I realize that you can tell a client (like thunderbird) to automatically encrypt outgoing messages with pgp but I would like to have some way to enforce that policy at the server level before the email is sent. I want to have all messages end-to-end encrypted, hence my desire for functionality like this.

Any suggestions are welcome. Thanks in advance for your help!
dovecot at ptld.com
2021-Dec-08 03:35 UTC
Force clients to use pgp encryption when sending email?
> Basically I want the server to check if the message being sent is encrypted with OpenGPG and either proceed or reject the message based on that criteria.

Postfix is your submission service so I think best to look that direction. If there is a header you can check for (if the header exists then allow sending) then postfix has header checks regexp/pcre that would be simple enough to set up. On the more complex side, postfix also supports policy servers you can write as a script (php, perl, python, etc) or you can go full on milter.

http://www.postfix.org/header_checks.5.html
http://www.postfix.org/SMTPD_POLICY_README.html
http://www.postfix.org/postconf.5.html#non_smtpd_milters
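
An added example, not part of the thread or of Postfix or Dovecot: the accept/reject decision a milter or content filter on the submission path could apply to the whole message, written in Python. The function name `is_pgp_encrypted` and the sample messages are constructed for illustration; the check is structural (PGP/MIME per RFC 3156, or a single inline-armored body) and does not verify which key the message was encrypted to.

```python
import email
from email import policy

ARMOR_BEGIN = "-----BEGIN PGP MESSAGE-----"
ARMOR_END = "-----END PGP MESSAGE-----"

def is_pgp_encrypted(raw: bytes) -> bool:
    """Structural check only: True if the message is PGP/MIME (RFC 3156) or
    a single inline-armored text body. It cannot tell which key was used."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    if msg.get_content_type() == "multipart/encrypted":
        # Do not trust the top-level header alone; inspect the two parts.
        if not msg.is_multipart():
            return False
        parts = msg.get_payload()
        proto = str(msg.get_param("protocol", "")).lower()
        return (proto == "application/pgp-encrypted" and len(parts) == 2
                and parts[0].get_content_type() == "application/pgp-encrypted"
                and parts[1].get_content_type() == "application/octet-stream")
    if msg.is_multipart() or msg.get_content_maintype() != "text":
        return False  # mixed/alternative bodies could carry cleartext parts
    try:
        body = msg.get_content().strip()
    except LookupError:  # unknown charset: fail closed
        return False
    return body.startswith(ARMOR_BEGIN) and body.endswith(ARMOR_END)

# Constructed sample messages (placeholder text, not real ciphertext).
HDR = b"From: a@example.org\nTo: b@example.org\nSubject: t\nMIME-Version: 1.0\n"
ARMORED = b"-----BEGIN PGP MESSAGE-----\n\nplaceholder\n-----END PGP MESSAGE-----\n"
ENC_CT = b'Content-Type: multipart/encrypted; protocol="application/pgp-encrypted"; boundary="b1"\n\n'
PGP_MIME = (HDR + ENC_CT
            + b"--b1\nContent-Type: application/pgp-encrypted\n\nVersion: 1\n\n"
            + b"--b1\nContent-Type: application/octet-stream\n\n" + ARMORED + b"--b1--\n")
SPOOFED = HDR + ENC_CT + b"--b1\nContent-Type: text/plain\n\ncleartext\n--b1--\n"
INLINE = HDR + b"Content-Type: text/plain; charset=us-ascii\n\n" + ARMORED
PLAIN = HDR + b"Content-Type: text/plain; charset=us-ascii\n\nhello\n"

if __name__ == "__main__":
    for name in ("PGP_MIME", "SPOOFED", "INLINE", "PLAIN"):
        print(name, is_pgp_encrypted(globals()[name]))
```

The `SPOOFED` sample carries the `multipart/encrypted` header over a cleartext part, which is the case a match on the `Content-Type` header alone would let through.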