> Am 02.07.2015 um 17:17 schrieb Patrick Ben Koetter <[email protected]>: > > We've just released smilla, a SMIMEA aware milter. smilla implements > draft-ietf-dane-smime as specified by the IETF DANE WG. > > The program has been written in Python. It has been in production since April > 2015 at some ISPs and is considered stable. > > At the moment it uses a generic DNS RR. This will change once a dedicated > resource record has been defined. > > smilla is a joined effort between sys4 and Posteo.de to demonstrate our > interest in SMIMEA. > > You can find the source code at <https://github.com/sys4/smilla>. > > FYI: smilla will be merged with Paul Wouters openpgpkey-milter. The merge > already started a few weeks ago. We expect to finish it soon. The result will > be released as a new project on github.
Just a little side note to the milter: As some top level DNS servers have/had problems with their firewalls concerning generic RRs, I have modified the code to let go a mail in plain text, if asking the DNS server results in a "serv fail“. This will be changed, once a standardized RR for SMIMEA is available. I also have set a global variable DEBUG=True, which keeps the milter in foreground. Set it to False to get a regular daemon. As this code uses crypto routines to deal with PKCS#7, I invite people to review the code for security concerns. When we developed the milter, we only thought about outgoing mail on the submission port. But the milter does also great work on the incoming side! Configuring it this way, all your mail is stored encrypted on disk and the key is on your workstation! So SMIMEA is very interesting for both directions of the mail transport. Further discussion on Github. Thanks Christian
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ dane mailing list [email protected] https://www.ietf.org/mailman/listinfo/dane
