* on the Mon, Mar 03, 2014 at 05:58:49PM +0100, Leonardo Boselli wrote: > Is possible to authenthicate the acceptance of e-email based on the GPG > signature, that is every message has a GPG signature, if the message > is signed by someone that is in the public keyring of MTA, and the > gignature is verifiesm, it is accepted, else is refused ?
I did something similar in the past (contract work), but with S/MIME rather than PGP, and it just added a header to the email if S/MIME verification passed, rather than using it for authentication. I suspect it would be quite easy to write an embedded Perl script to do this using Mail::GnuPG. In Exim in the DATA ACL you would check if $message_body contains "-----BEGIN PGP SIGNATURE-----" and if it does, feed $message_headers and $message_body into the script. -- Mike Cardwell https://grepular.com/ http://cardwellit.com/ OpenPGP Key 35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F XMPP OTR Key 8924 B06A 7917 AAF3 DBB1 BF1B 295C 3C78 3EF1 46B4
signature.asc
Description: Digital signature
-- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
