Zitat von Mark Blackman <[email protected]>:
On 27 Oct 2010, at 13:11, [email protected] wrote:Zitat von Mark Blackman <[email protected]>:On 27 Oct 2010, at 13:02, Tomasz Chmielewski wrote:Is it somehow possible to make Postfix add a digital signature to outgoing emails?Most likely Postfix itself can't do it, but maybe there is some filter (similar to amavis, or dkimproxy) which can be used with Postfix, which lets digitally sign email (i.e. if From: is X1, sign with key K1)?That's a job for the MUA, not the MTA. There's no fraud-proof way for postfix to know who is sending the email.If username/password with TLS is enough there are fraud-proof ways do it Postfix content-filter, if not be sure to use at least ID-cards class3 with your MUA.You're right, of course. I was overlooking that case and thinking of the more general internal unauthenticated relay case.I still suspect that's better done at the MUA level though, as the digital signature requires the use of a private keywhich should have a passphrase that only an interactive session can ask for.OTOH, you can imagine uses of digital signatures that are slightly less demanding than the case of an individual makinglegally-binding statements.
In case of e-mail it is most of the time more of validating the sender in common-sense (Anscheinsbeweis) and not legally-binding. At least here in germany there is no valid *automatic* signing anyway which could be legally-binding.
Regards Andreas
smime.p7s
Description: S/MIME Cryptographic Signature
