Here’s the full headers of my message: Return-Path: <[email protected]> Delivered-To: [email protected] Received: from mx1.la1.clx.corp by mx1.la1.clx.corp with LMTP id 0eMYEMQX+mD9BAIAzivOYw (envelope-from <[email protected]>) for <[email protected]>; Thu, 22 Jul 2021 18:13:40 -0700 Received: from localhost (localhost [127.0.0.1]) by mx1.la1.clx.corp (Postfix) with ESMTP id E5761412E05 for <[email protected]>; Thu, 22 Jul 2021 18:13:39 -0700 (PDT) DKIM-Filter: OpenDKIM Filter v2.11.0 mx1.la1.clx.corp E5761412E05 X-Virus-Scanned: amavisd-new at coldlogix.com Received: from smtp.coldlogix.com ([127.0.0.1]) by localhost (smtp.coldlogix.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3RyMjMJsZQrY for <[email protected]>; Thu, 22 Jul 2021 18:13:36 -0700 (PDT) Received: from smtp.coldlogix.com (cmx01.la1.clx.corp [192.168.30.23]) by mx1.la1.clx.corp (Postfix) with ESMTPS id 6F1F74C3589 for <[email protected]>; Thu, 22 Jul 2021 18:13:28 -0700 (PDT) DKIM-Filter: OpenDKIM Filter v2.11.0 mx1.la1.clx.corp 6F1F74C3589 Received: from cmx01.la1.clx.corp (localhost [127.0.0.1]) by smtp.coldlogix.com (CipherMail) with ESMTP id 4GWBCX1P3Rz2SSxp for <[email protected]>; Thu, 22 Jul 2021 18:13:28 -0700 (PDT) Received: from mail.subtraverse.net (netman.subtraverse.intra [192.168.10.10]) by smtp.coldlogix.com (CipherMail) with ESMTP id 4GWBCW49cKz2SSxp for <[email protected]>; Thu, 22 Jul 2021 18:13:27 -0700 (PDT) Received: from localhost (localhost.localdomain [127.0.0.1]) by mail.subtraverse.net (Postfix) with ESMTP id 5C3F2146F9E for <[email protected]>; Thu, 22 Jul 2021 18:13:27 -0700 (PDT) Received: from mail.subtraverse.net ([127.0.0.1]) by localhost (mail.subtraverse.net [127.0.0.1]) (amavisd-new, port 10024) with LMTP id mmNPq8Z2mIx2 for <[email protected]>; Thu, 22 Jul 2021 18:13:26 -0700 (PDT) Received: from smtpclient.apple (unknown [10.10.10.2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.subtraverse.net (Postfix) with ESMTPSA id 55C27146F9C for <[email protected]>; Thu, 22 Jul 2021 18:13:26 -0700 (PDT) Date: Thu, 22 Jul 2021 21:13:25 -0400 From: Jeremy Hansen <[email protected]> To: [email protected] Message-ID: <[email protected]> Subject: Test MIME-Version: 1.0 Content-Type: multipart/encrypted; protocol="application/pgp-encrypted"; boundary="----=_Part_8_1019438032.1627002808114" X-Virus-Scanned: amavisd-new at subtraverse.net DKIM-Filter: OpenDKIM Filter v2.11.0 mail.subtraverse.net 55C27146F9C X-Mailer: Apple Mail (2.3654.100.0.2.22) X-Spam-Status: No, score=-2.0 required=5.0 tests=ALL_TRUSTED,ENCRYPTED_MESSAGE autolearn=ham autolearn_force=no version=3.4.4 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on mx1.la1.clx.corp
------=_Part_8_1019438032.1627002808114
Content-Type: application/pgp-encrypted
Content-Transfer-Encoding: 7bit
Content-Description: PGP/MIME version identification
Version: 1
------=_Part_8_1019438032.1627002808114
Content-Type: application/octet-stream; name=encrypted.asc
Content-Transfer-Encoding: 7bit
Content-Description: OpenPGP encrypted message
Content-Disposition: inline; filename="encrypted.asc"
-----BEGIN PGP MESSAGE-----
Version: CipherMail (5.0.4)
hQIMA2Ju2ERNzXXmARAAhBNlL6BB6nc148QUFQy4u6CIiw1M2a+wKfhlrA5Mnpnx
tbkHNIPch90gGHFWgH/1fa+PlHfdj+EsYLow+b5+SSSZhrvyDvWCMvky+tJUN0va
qeWH8HfEgR2Pwj1/ziSxeUXZr8Kc5FScU/JKN/TEQcdP8mSZwkx146bbXU3a8yUi
PRdWc9UCFilN0HoNtZaNcW0Q0TdWySzi9+UFuighD/EqRozKin3Y6iKvb3zZxFIj
+u5s5FZta+Up9V/LN5CIH7IkbuSNhWMiSszf7zmwdowSyQDwx72a9xB2nndiOaWw
W4kcVK9LlcQSusbAVq9xfZ8LjJBNQMHJF84ppRn355tvRVuL6T9YyVnGmVX85G9Y
S3S3S5Z6nnNm4u7r6cD1p9dBWIDk8HiTvVjkdZAr+sGhy0Ukxm0Of+pbal+T4cgk
kxZHoS100XgTHZJWMzNT9F1WNAZnir4AgdD0P+5Q1uTvCKnWkzPdlxPZ26mwfd4D
pRB0W4Jg+uHfhVlgJp6kg0BJdXUQxxtlurk6o/F1GFNVI1WhTQEXzfnfnCNR/NO+
cvhmJhrplZts/3aqC6NSDT/bRsmDvAQbKenUWhUaqYBHkfS9jRl6UuU2jynnqhYS
IkVIMbrZS+9LTBYHirhLiYf6S7Sbxh5nXyNlEpeAhCFj5geIi47Y5/ll0+3qu6PS
yXABWC9M1+tp0TIkTcimbB8QwnJbDEovY9VQUJp7YKHQsNoixAmH1ZrEVuj3piqq
ifqnA84UJvSli7jCZjL4v4EgGnA/wuOHlBN4L1v4OxQrirbEsOYqxR0/6Pmg5pN2
die+pVZHqEU1nSvKLGHV7diTFXGJ7HrXJdRgp9pw+zCoUW2qxiDuZul2bh4FGGUH
Qe+XKtmo5PHYZW+y+l3CDW/DlActI9jXD3qng+ZDOJ7iTljCCmKHn84+3aueKv4p
Jx0I5Hnm7pfAujR9E/ZSFhYNd6aN4ZMd81ZLey+fvgGpHPD7P75oAVv/8b3pDkRf
ro2kaYoCdMZLUCUTtldHQOnjIicSB4O8BQzWNUwCS8ziurnnDKqv7n9iEM9t0Osi
5N5ol0JEPto2KEypAM/e85sKaSYVqP9LdczHj/ZpAsmYTa11i6F+CUZKZ/OFRP6L
/3aAnr5NpnSMBwC1+UYTyi7d5z5ZXuupwrSDTpQkbUgqBuEuQIhLmxf33bDFZ0Cl
HmxCc4jpW+oeRnGe2GFGfA19rNkAVIDhxEDHkXanxmVV8LuK7Dnx/0A//KkjFUQ4
r6r/rawe1adjIp02jpz6ft8RVQGpS1eVZID+D0w3gi+Era+S6slNi5UbzKuTyvSB
tNMhBvV4+Ga6RvvYMxXKs0gTwfUGY2cdRrEUjuh/HpwB5BCqJvXodrsG+V9xm/1t
C+VwtMXj7IRzB5d3WJgbG0DMumakwnjX11T30ZK+/J+MA/gWyrpdjsnQuYs+R5+J
CeqbmkKjfaQKdsJ6gPl30hhlXQPJEme7RMalm0hMGhv15730U4AsB/KuMEbPtCEp
E9Xnc4+aUjlmoDrOD0YgQgH6M8bxMja4xv2PSuU0CMqsXNn3AD8iIPgDHW0Chvyo
N16kunwbsbPn/iI3GWKKYAtnkef+tSz0MOnvaamXvvXAJXBSjTtRnN53W8FxHSeL
vnPn+/9vFOBEQK62VnexNrVd5sPRLwTU0D6yExLUxXRYHAxysq+FGJzxdh+9ZjkT
mEfiv/kzOWkowfS6ZlirpmgPP3b8XlaB68SOd3vnWwKEBzwQXjcHzlBb+0f26zrF
ix+6s2RLDD/t0o3WyGmkh1eQeaixLJ/6b1bBV5O/5MsNsSpbLRA/LhX/8OaFoRGl
2L09Bcbz6XqCWeTPIUrwGzwSdLeSW3T9akNelFFJ0GwMp15NDwlZ+XGvCCeFXejM
pQxs17Or9h4cPKe6BdTOjV8lD8IRc7tXa81xb0SlxPqQL0FiV/yI1BQcBOwe7o+j
aAoxFa3dcb99eGkiXyKobxqU3lkz/PbuBbLURUzjeaVx0EurQO9YWKxJyOt6M8l5
Q3E3lMYooUOVA1flLDw1Qg1hwIc3VCgPJ7Bkygt6r4IdDgQBNh3pEutfyW9wyUoN
sEedstCRUVptUOIhMZxuv6MYciA9W4hcPSrLgIdMF+aYC2IXYMo1lEGQnctk3n91
x6sWWk0YUB6+Yx8IA4s42mUwapY7dDWd4dsHQFBghU/xpGqnCYLx0RwUDjUxne16
1Ys+gNGk/TIApGBpPPO/DLBmDOGY+OWHRniYsvIRhR3PMoqVrSrF9n2tJfpDwSOC
kSL3vsPARIR+M/gCiIe03Z2gs7axBjhX1SLpK5tUpU5CRzeEOWGLOBv1bQioQomC
U3mi5gJIlo27wxUqdMJFA6Q1KhsDKPyIRYIFnrvhj4VZOnL+noy1/1gaaBiDA2Bd
9f23Dw+l0JQCdcDwPa8BPkEkcb+YJZDFqPxECm6smXYCAtBSojZpjkZPY1J6K5uk
O+8jAzQrfxk0CwEKCPQSnsTVb6Lp4ezsC7QClsU3nKmI4HXeddHzGXqhL/AEaDWn
WAUNFBycON8NNFOdro0i/2UT98bKMJKWKsl+aEpU/i07m5ycvIJ0MU33Kb8mN7RU
DHEHTt/be1O/kyWcT1iHBX+5NPVMEE7zq2G4L4dscudDU+WcM4YLIxo5uza2s+sn
rY0+zvFJdDSHocb8kpkfzXqktnNWlkYYDKkXmmBPG4Zn9yAid2vRdop3pJTw/Spw
Ns5ezpWnuhEalVltGuRYal0F0y1VoHkEobabuK6lhb0SPz/r5rn3StPDlhpv6rn/
oSA79BzFIunCsLkH5nkhGlbmUeUm8Ni/x8AXIdw57DMk5Kxp2bKFqWDFTCZY0bg9
8a+64I+oRqZeZH7VOW4lxRHBjwADSxGmhPwldb3I2sMh45teZ4nypPjm2i4yYGYI
4Naoo95m2NApbfX7M45OevJi6izjk6greCBmTSfNwfXCT+nCQ43DIOFD1Saq86s/
j3hopcpcegGvZlm+GtetnOvyZkycRAK1Qd8SnFVJl5OWaxXLz34jzs2JDHHAgEYw
9ACSkJvKOLFtKp1jK4yf/Eldbsy5lFOUxSlUl0fjWcxQb/IhTB27i2VtARkj57aO
qacb+wu0iVn7+rNYKq0o/Jk6Lzv7TDE4k//+lZvgZUKQLN1TnelMeamRPbZy25Ql
GEwpBI7B8K1NvKzNInrYpe+kTh/1jvAMQHcREjDKBkxDEqFgM7VOaRt0x+RP3Tvo
z7h/MXK0MJ+K2nGMSYmSaUjLQIns8a2XlFCaJTRQ08kt+s5aKFNCS27NT46ZYteh
kNPq87iCdaTlaVszgT6SJnud5+KtaUF4dMPAV4glLneaLFccRH6MAloo1VPT7ahw
YbTnrOAObjcNBZ3PSHc7YIQDbcBdRCjE628Ya52k4sDJAu3+m8d6fKEs48bkfcqg
YQ04i0MqkjyZn8YOjWtuSX4dOEschJpoxpPcvUmYAvkPk9k6fwiJV186ha9mnVds
YDJjfQOGP7nBRWSVO275ktBPtWMhvTJzAcPOyWb5WVjfSljeM2HpcjHB6vlmeLYe
ZGHzEPiYUT9iEFA1WT1dchOxHMWd2A+BqtfrMwQGlWkgdOWbTeXxS2toHrpjFeKv
2TKPSSh1gJ3jjlHZtPUFbIVns44FQFq/XsAg/gx/T/p+oNVWdZoeRnQbzTEZUzMo
1A2xXB+TgIPFnxbG7fPqydcuT5so77V1SE46ZY159bkwlgOO0W2yTdmhdQqWrShk
eDYYgiRxVsonwf96/S3zaRTStE/fhAMmhBHBMvj5XXF7o7nlXJ/mKHFB7Gf4INYT
QkNyAX+Y2SmQ3FD99f3crL3XfxlvjMU2CVCeh2T0s4J1P9CLAkuuh3YDlO8g6X6N
rJEjg8NmZ8mw4RZg6LQanOoLTPBAEKN5BWrt+j2yLqFqkh3+m6j5izoGFXCCJfNP
zGNFqTzuduJluF3OIyTAfdY2rl/UDlluTSXym9x7172FI7IJqO38YjNlmeI5HgBV
5Y+C52CN6W+QKSKxKqnmYfwhV3KOTgjPkhSBouv2F5w97IHjPwRF53ztFLxwBrnj
qOR33eE5MuIk4FJti7EsRZMZxYcpn9vy1CNoQUT1YKP6PjQRl6SZpa76DhnWjr20
o4pEYQoUnd1qZ3/6AJdXj2Et
=emEv
-----END PGP MESSAGE-----
------=_Part_8_1019438032.1627002808114--
The message is being encrypted initially on the client side using Apple Mail
and the GPG Suite plugin for MacOS.
Here is my postfix configuration on the ciphermail host:
djigzo_myhostname = smtp.coldlogix.com
djigzo_mydestination =
djigzo_mynetworks = 192.168.10.0/24, 192.168.50.0/24, 192.168.100.0/24,
192.168.200.0/24, 192.168.30.0/24, 10.10.10.0/27
djigzo_relayhost = mx1.la1.clx.corp
djigzo_relayhost_mx_lookup =
djigzo_relayhost_port = 25
djigzo_relay_domains = losangelesrecording.com
djigzo_before_filter_message_size_limit = 0
djigzo_calculated_after_filter_message_size_limit = 0
djigzo_after_filter_message_size_limit =
${djigzo_calculated_after_filter_message_size_limit}
djigzo_mailbox_size_limit = 512000000
djigzo_smtp_helo_name = smtp.coldlogix.com
djigzo_relay_transport_host = mx1.la1.clx.corp
djigzo_relay_transport_host_mx_lookup =
djigzo_relay_transport_host_port = 25
djigzo_reject_unverified_recipient =
djigzo_unverified_recipient_reject_code = 450
djigzo_parent_domain_matches_subdomains = relay_domains
djigzo_rbl_clients =
djigzo_calculated_queue_minfree = 0
myhostname = ${djigzo_myhostname}
mydestination = ${djigzo_mydestination}
mynetworks = 127.0.0.0/8, [::1]/128, ${djigzo_mynetworks}
relay_domains = ${djigzo_relay_domains}
parent_domain_matches_subdomains = ${djigzo_parent_domain_matches_subdomains}
smtp_helo_name =
${djigzo_smtp_helo_name?$djigzo_smtp_helo_name}${djigzo_smtp_helo_name:${myhostname}}
relay_transport =
relay${djigzo_relay_transport_host?:${djigzo_relay_transport_host_mx_lookup:[}${djigzo_relay_transport_host}${djigzo_relay_transport_host_mx_lookup:]}:${djigzo_relay_transport_host_port}}
relayhost =
${djigzo_relayhost_mx_lookup:${djigzo_relayhost?[}}${djigzo_relayhost}${djigzo_relayhost_mx_lookup:${djigzo_relayhost?]}}${djigzo_relayhost?:${djigzo_relayhost_port}}
smtpd_recipient_restrictions = permit_mynetworks reject_unauth_destination
${djigzo_rbl_clients}
${djigzo_reject_unverified_recipient? reject_unverified_recipient}
unverified_recipient_reject_code = ${djigzo_unverified_recipient_reject_code}
smtpd_discard_ehlo_keywords = silent-discard, dsn, etrn
smtpd_etrn_restrictions = reject
local_transport = error:local mail delivery is disabled
local_recipient_maps =
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
message_size_limit = ${djigzo_after_filter_message_size_limit}
mailbox_size_limit = ${djigzo_mailbox_size_limit}
queue_minfree = ${djigzo_calculated_queue_minfree}
smtpd_authorized_xforward_hosts = 127.0.0.1/32
content_filter = djigzo:[127.0.0.1]:10025
smtpd_tls_cert_file = /etc/pki/tls/certs/postfix.pem
smtpd_tls_key_file = /etc/pki/tls/private/postfix.key
smtpd_tls_security_level = may
smtpd_tls_received_header = yes
smtpd_tls_loglevel = 1
tls_preempt_cipherlist = yes
smtpd_tls_protocols = !SSLv2, !SSLv3
smtpd_tls_mandatory_protocols = $smtpd_tls_protocols
smtpd_tls_exclude_ciphers = AESCCM8, aNULL, ARIA, DES, DSS, eNULL, EXPORT,
IDEA, MD5, PSK, RC4, SEED
smtp_tls_CAfile = /etc/pki/ca-trust/extracted/pem/ColdLogixCA-chain.pem
smtp_tls_security_level = may
smtp_tls_loglevel = 1
smtp_tls_protocols = $smtpd_tls_protocols
smtp_tls_mandatory_protocols = $smtpd_tls_mandatory_protocols
smtp_tls_exclude_ciphers = $smtpd_tls_exclude_ciphers
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/smtp_client_passwd
smtp_sasl_type = cyrus
smtp_sasl_security_options =
mail_name = CipherMail
smtpd_banner = $myhostname ESMTP $mail_name
append_dot_mydomain = no
biff = no
recipient_delimiter = +
notify_classes =
enable_long_queue_ids = yes
smtp_address_preference = ipv4
and master.cf:
smtp inet n - n - - smtpd
-o message_size_limit=${djigzo_before_filter_message_size_limit}
pickup fifo n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr fifo n - n 300 1 qmgr
tlsmgr unix - - n 1000? 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - n - - smtp
relay unix - - n - - smtp
-o smtp_fallback_relay=
showq unix n - n - - showq
error unix - - n - - error
retry unix - - n - - error
discard unix - - n - - discard
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
scache unix - - n - 1 scache
djigzo unix - - n - 4 smtp
-o smtp_send_xforward_command=yes
-o disable_dns_lookups=yes
-o smtp_generic_maps=
cleanup_reinject unix n - n - 0 cleanup
-o hopcount_limit=100
127.0.0.1:10026 inet n - n - 10 smtpd
-o content_filter=
-o
receive_override_options=no_unknown_recipient_checks,no_header_body_checks,no_milters
-o smtpd_helo_restrictions=
-o smtpd_client_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o smtpd_tls_security_level=
-o mynetworks=127.0.0.0/8
-o smtpd_authorized_xforward_hosts=127.0.0.0/8
-o smtpd_authorized_xclient_hosts=127.0.0.0/8
-o cleanup_service_name=cleanup_reinject
smtps inet n - y - - smtpd
-o content_filter=
-o
receive_override_options=no_unknown_recipient_checks,no_header_body_checks,no_milters
-o smtpd_helo_restrictions=
-o smtpd_client_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o smtpd_tls_security_level=
-o mynetworks=127.0.0.0/8
-o smtpd_authorized_xforward_hosts=127.0.0.0/8
-o smtpd_authorized_xclient_hosts=127.0.0.0/8
-o cleanup_service_name=cleanup_reinject
submission inet n - y - - smtpd
-o content_filter=
-o
receive_override_options=no_unknown_recipient_checks,no_header_body_checks,no_milters
-o smtpd_helo_restrictions=
-o smtpd_client_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o smtpd_tls_security_level=
-o mynetworks=127.0.0.0/8
-o smtpd_authorized_xforward_hosts=127.0.0.0/8
-o smtpd_authorized_xclient_hosts=127.0.0.0/8
-o cleanup_service_name=cleanup_reinject
127.0.0.1:10027 inet n - n - 10 smtpd
-o smtpd_helo_restrictions=
-o smtpd_client_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o smtpd_tls_security_level=
-o mynetworks=127.0.0.0/8
-o syslog_name=postfix/10027
-o message_size_limit=${djigzo_before_filter_message_size_limit}
All settings from the Ciphermail interface is set up with “inherit” for all the
options.
Using version 5.0.4:
rpm -qa | grep djig
djigzo-web-5.0.4-1.noarch
djigzo-5.0.4-1.noarch
Mail is set to relay to another postfix host for its final destination.
-jeremy
> On Jul 20, 2021, at 9:30 AM, Jeremy Hansen via Users
> <[email protected]> wrote:
>
>
>
>> On Jul 20, 2021, at 7:56 AM, Martijn Brinkers via Users
>> <[email protected]> wrote:
>>
>>
>>
>>
>>> On Thu, 2021-07-15 at 01:13 -0400, Jeremy Hansen via Users wrote:
>>> I noticed if I sent a message that is encrypted at the client,
>>> ciphermail will encrypt that message again and the original message
>>> is sent as an attachment.
>>
>> What type of encryption is applied at the client side and what
>> encryption is applied server side?
>
> PGP on both sides.
>
>>
>>> I also noticed if I send a message from a host using something like
>>> mailx, the body of the message is never included in the email.
>>
>> What do you mean with "the body of the message is never included in the
>> email"?
>
> echo test | mail -s Test [email protected]
>
> The message comes through encrypted but I don’t see “test” in the body of the
> email.
>
> Thank you!
>
>>
>> Kind regards,
>>
>> Martijn Brinkers
>>
>> --
>> CipherMail email encryption
>> Email encryption with support for S/MIME,
>> Ope
>> nPGP, PDF Messenger and Webmail Messenger
>>
signature.asc
Description: Message signed with OpenPGP
