Any clues on this? -jeremy
> On Jul 22, 2021, at 7:26 PM, Jeremy Hansen via Users > <[email protected]> wrote: > > Here’s the full headers of my message: > > Return-Path: <[email protected]> > Delivered-To: [email protected] > Received: from mx1.la1.clx.corp > by mx1.la1.clx.corp with LMTP > id 0eMYEMQX+mD9BAIAzivOYw > (envelope-from <[email protected]>) > for <[email protected]>; Thu, 22 Jul 2021 18:13:40 -0700 > Received: from localhost (localhost [127.0.0.1]) > by mx1.la1.clx.corp (Postfix) with ESMTP id E5761412E05 > for <[email protected]>; Thu, 22 Jul 2021 18:13:39 -0700 > (PDT) > DKIM-Filter: OpenDKIM Filter v2.11.0 mx1.la1.clx.corp E5761412E05 > X-Virus-Scanned: amavisd-new at coldlogix.com > Received: from smtp.coldlogix.com ([127.0.0.1]) > by localhost (smtp.coldlogix.com [127.0.0.1]) (amavisd-new, port 10024) > with ESMTP id 3RyMjMJsZQrY for <[email protected]>; > Thu, 22 Jul 2021 18:13:36 -0700 (PDT) > Received: from smtp.coldlogix.com (cmx01.la1.clx.corp [192.168.30.23]) > by mx1.la1.clx.corp (Postfix) with ESMTPS id 6F1F74C3589 > for <[email protected]>; Thu, 22 Jul 2021 18:13:28 -0700 > (PDT) > DKIM-Filter: OpenDKIM Filter v2.11.0 mx1.la1.clx.corp 6F1F74C3589 > Received: from cmx01.la1.clx.corp (localhost [127.0.0.1]) > by smtp.coldlogix.com (CipherMail) with ESMTP id 4GWBCX1P3Rz2SSxp > for <[email protected]>; Thu, 22 Jul 2021 18:13:28 -0700 > (PDT) > Received: from mail.subtraverse.net (netman.subtraverse.intra [192.168.10.10]) > by smtp.coldlogix.com (CipherMail) with ESMTP id 4GWBCW49cKz2SSxp > for <[email protected]>; Thu, 22 Jul 2021 18:13:27 -0700 > (PDT) > Received: from localhost (localhost.localdomain [127.0.0.1]) > by mail.subtraverse.net (Postfix) with ESMTP id 5C3F2146F9E > for <[email protected]>; Thu, 22 Jul 2021 18:13:27 -0700 > (PDT) > Received: from mail.subtraverse.net ([127.0.0.1]) > by localhost (mail.subtraverse.net [127.0.0.1]) (amavisd-new, port > 10024) > with LMTP id mmNPq8Z2mIx2 for <[email protected]>; > Thu, 22 Jul 2021 18:13:26 -0700 (PDT) > Received: from smtpclient.apple (unknown [10.10.10.2]) > (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) > (No client certificate requested) > by mail.subtraverse.net (Postfix) with ESMTPSA id 55C27146F9C > for <[email protected]>; Thu, 22 Jul 2021 18:13:26 -0700 > (PDT) > Date: Thu, 22 Jul 2021 21:13:25 -0400 > From: Jeremy Hansen <[email protected]> > To: [email protected] > Message-ID: <[email protected]> > Subject: Test > MIME-Version: 1.0 > Content-Type: multipart/encrypted; protocol="application/pgp-encrypted"; > boundary="----=_Part_8_1019438032.1627002808114" > X-Virus-Scanned: amavisd-new at subtraverse.net > DKIM-Filter: OpenDKIM Filter v2.11.0 mail.subtraverse.net 55C27146F9C > X-Mailer: Apple Mail (2.3654.100.0.2.22) > X-Spam-Status: No, score=-2.0 required=5.0 tests=ALL_TRUSTED,ENCRYPTED_MESSAGE > autolearn=ham autolearn_force=no version=3.4.4 > X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on mx1.la1.clx.corp > > ------=_Part_8_1019438032.1627002808114 > Content-Type: application/pgp-encrypted > Content-Transfer-Encoding: 7bit > Content-Description: PGP/MIME version identification > > Version: 1 > > ------=_Part_8_1019438032.1627002808114 > Content-Type: application/octet-stream; name=encrypted.asc > Content-Transfer-Encoding: 7bit > Content-Description: OpenPGP encrypted message > Content-Disposition: inline; filename="encrypted.asc" > > Content-Type: multipart/encrypted; > boundary="Apple-Mail=_7D9B459F-746A-4970-8672-402CD4581A22"; > protocol="application/pgp-encrypted" > > This is an OpenPGP/MIME encrypted message (RFC 2440 and 3156) > --Apple-Mail=_7D9B459F-746A-4970-8672-402CD4581A22 > Content-Transfer-Encoding: 7bit > Content-Type: application/pgp-encrypted > Content-Description: PGP/MIME Versions Identification > > Version: 1 > > --Apple-Mail=_7D9B459F-746A-4970-8672-402CD4581A22 > Content-Transfer-Encoding: 7bit > Content-Disposition: inline; > filename=encrypted.asc > Content-Type: application/octet-stream; > name=encrypted.asc > Content-Description: OpenPGP encrypted message > > -----BEGIN PGP MESSAGE----- > > hQIMA8de+J6NLzLYAQ/5AU3DMoY1Sc/gGUptX2K2cEZ2MaPfG5uJjr9d02HDlma1 > UXc4K9TDd+ym3u06r5sLf3R+IAkot5shms5PCGsjqnhPEUtJwxp9cA4peL40OH+z > qQfSOMqnD9MzW5qgM28+fj8R4C1R9OeZrBwcUS9MatIch2fqW6dNZcHEOcxThEOG > ek/Qv58fAbZCv5QUmn8FyELDw3E6Ms4W/9slViG45gLminVSl7ZeAGSdsOjnwG0Q > 3rWb4ARWVsu/69U/Fjltf46krS3UGdFyNh7xyg+YRfAiigLOa+LawIJ18ct9TgDq > bnh9u4fa3CJ4rwLiLFskwhEk0bVRf9XgSmTZtUQku652xlCmGNmmyfzwfOhBfdXT > uDufDOpi94JV8W/Q+Bsul0VKVCzVpCO4vJUxMNry9U3YAXplFaaLhgZjnwm8/IU9 > 8wVJF5U9DZ16rOYiQqG0BlSkuigmyhV4YztM1iNxYnODzQb/svrCFYkhSZZzNyAe > PKJzliFTZ7KbiCbwkSdWLIjESoJROnaxGeMctC1tB0Ah2l2Vf7UWJSrJgkcqtV96 > SsjCZasTtOlK1kozzdZ9OVKJyVzrA8SkKIR1DwCL71P/0SnqXBBRb30xg3v0PZS9 > 79L818dMlkpn0gT3wKn4vMjXlHgbJax9Pp0A89c4hPNnrc8fQn35TvaxiD0IhTiF > AgwDYm7YRE3NdeYBD/9GwYDpbx3GuHof3sumG2gzGWCnT3w83x12xuGGnU3FmVdX > WqIuIe2Q3dtA0hltWI1r4YlA5xEymVrFsr1e4DIwHVlljRcTk0tOWxWLHSjjc41B > RLhN1Qh0J3O/xPIs62riSc4Gkr160z5oz3ojR6gmW8gHyltMdBf6l4lyM9vojc++ > nFHhBdOeBOoUlWZXFp96RBfeVVWAYDS3oQjLRPfsKY5AQL9V5WsCRhQHCSbatnua > xwHyIlsF5wbcIOnRwitjYVlUqOOXHGJTWG8/9maAOUFuzR8JZZ9GuMsiFPljlPKk > XP+Fq1Maa5dz4pnySMTOuNe/s1hiXDOb+sFzXx0nHDJvM3SKq1hKvFXMpv0Rg9Kp > L3YYwqdIlo53tEAAEsHmBUUNEk2zKFn6OiBHBXNgge8AiEPbmO+bylG0rl4oNwY7 > kVvJw8vi59V08H6h92GSwosD3tJCj1xsjVpJ09kUKijk9RgrbjQGsgnZWLsDY5Hp > 2CKT+BHehaQ96xiW8wro609h4d2bcdKDK5cU9r6yGgcM84etZ8X3hWhbJYwJEeVB > mCltyc62KvqKRhktvs4xxFgloZYTcoWlLK8auriATVxO8nBS6Cn7zrpEG65isY4W > 4PBX6ct0OMrcD56RTouGwFOiLjype0vzLk9zhOJ9GbM7RLjCgm/MvWdhKxySjNLp > ATDVnNsfZdMJoRaKaFQSQhgu8t++C5AUrYIZDsrtmq0txODgdG7L2u2wQCHFV9Y/ > 5KBB04RLfiKH2GL41bf1CkxaZX6f/ZrJBDvY3xMIA2CIrvB9yx/Z6XFi1vtJ8M/A > f2at7u959FbVBVxw/L6LVU9xMD/2w+FBeucDuPWDPbQDpWa2IibZlQYAeJS3lcLv > 6KDg4EU72jA2hTQb2COxneZUhtCsep6GC7cuGnaIk0qv6UhOIKSWfIA4TkJoiPi+ > QrE3wJ8fELGgZcyAhHkulvdXf61ts6fK9xQVdfUgaJxUdUvKWBC5QjTDXMjc2faP > 5erzlfGXDpNunKik6rmZxhrgs1y4oP9JT8EQI+esvVSeuMaqzn2h1lYpUIuDKE4K > lsXNl+8Cro0k46Tgjccdo5kANJxMm3BvwZ98vFVwaBF28pp4x+nsJyJ+DMA0xUnb > 52jJDKjo8gS4P95PAjL7ZdjBByY/lKFhWGHcxSUAJ0H7cJJdrCV/lrX7neeaPtcM > qTVsTW4ObWEfD2RqAtAngxO9oWyWU95SKnpz31VQIgfOeOMtJrkIYGQbGQg4eLIZ > UAQamiawgxxg6FLJbKZiiT3pnG4i84DV8rD42Q4nIlkDU71fDSpz9b7h110UIqeb > GrqUW0XVDgDdp4TjKQ1iPhw65J+R+mdUeg9WftHonxbBKg1Qd2fm3htYm1qtMCg7 > gnXsZ7ufH4V4PwtJDRNumEmePZcfU3SpgMo1LJkhnyTID4rofIRn+lnRX51/RGj5 > E1525t0irN5bfzjMUWCPG8Sq+6ENoUHoFJcaOn/Y7c+rIK4L/H3zPTpqr4Rs6e6y > BNy36ZrOCyAOFdSdAUz5XwTCAN4Mha3joCcDQ4PKTwjijLc69fqbgt+ovjntVNMJ > YxN2MH1c+0DA0oGd2/hdraAifEmLakZIiNfNex4gWGOm2jRlvaGVQnjUucQ1eqmH > imrO+wFRXAa90jjR2wXnDg2egCbZ/Wit+FTUiMWBAuvv1kdo1MUIkoqi7ehTLYUO > 12756gYu/cY8f/uxtDZ+n8UP8YbbLlwVI70aibKb2wAQkGEF1PL3iVjvYwnD/ViE > 3kWpVaxfr7sQ231Ki58oDfkbQysR+F13Kk9se7a8MWGvIEnhX2v0fMF2kWhfKjCW > naewmZLdTbxop0SZRC0xtug3vEQ2TZizihZ/OObOA+D6JUA4OLJ/T3uvWIYSDxt+ > P8zV+hIsUn/LCcSDyq3LZ/n5r9LYmjOd5BVcqn3SVafHHN439Y8x8rQnKjqu4yNn > kL8qqrrH5KR8NOMyp43veLt1VbpBCDSf7M2Mn5J+i6k6abhpsB1KPxXOmx8= > =s4+/ > -----END PGP MESSAGE----- > > --Apple-Mail=_7D9B459F-746A-4970-8672-402CD4581A22-- > > > ------=_Part_8_1019438032.1627002808114-- > > > The message is being encrypted initially on the client side using Apple Mail > and the GPG Suite plugin for MacOS. > > Here is my postfix configuration on the ciphermail host: > > djigzo_myhostname = smtp.coldlogix.com > djigzo_mydestination = > djigzo_mynetworks = 192.168.10.0/24, 192.168.50.0/24, 192.168.100.0/24, > 192.168.200.0/24, 192.168.30.0/24, 10.10.10.0/27 > djigzo_relayhost = mx1.la1.clx.corp > djigzo_relayhost_mx_lookup = > djigzo_relayhost_port = 25 > djigzo_relay_domains = losangelesrecording.com > djigzo_before_filter_message_size_limit = 0 > djigzo_calculated_after_filter_message_size_limit = 0 > djigzo_after_filter_message_size_limit = > ${djigzo_calculated_after_filter_message_size_limit} > djigzo_mailbox_size_limit = 512000000 > djigzo_smtp_helo_name = smtp.coldlogix.com > djigzo_relay_transport_host = mx1.la1.clx.corp > djigzo_relay_transport_host_mx_lookup = > djigzo_relay_transport_host_port = 25 > djigzo_reject_unverified_recipient = > djigzo_unverified_recipient_reject_code = 450 > djigzo_parent_domain_matches_subdomains = relay_domains > djigzo_rbl_clients = > djigzo_calculated_queue_minfree = 0 > myhostname = ${djigzo_myhostname} > mydestination = ${djigzo_mydestination} > mynetworks = 127.0.0.0/8, [::1]/128, ${djigzo_mynetworks} > relay_domains = ${djigzo_relay_domains} > parent_domain_matches_subdomains = ${djigzo_parent_domain_matches_subdomains} > smtp_helo_name = > ${djigzo_smtp_helo_name?$djigzo_smtp_helo_name}${djigzo_smtp_helo_name:${myhostname}} > relay_transport = > relay${djigzo_relay_transport_host?:${djigzo_relay_transport_host_mx_lookup:[}${djigzo_relay_transport_host}${djigzo_relay_transport_host_mx_lookup:]}:${djigzo_relay_transport_host_port}} > relayhost = > ${djigzo_relayhost_mx_lookup:${djigzo_relayhost?[}}${djigzo_relayhost}${djigzo_relayhost_mx_lookup:${djigzo_relayhost?]}}${djigzo_relayhost?:${djigzo_relayhost_port}} > smtpd_recipient_restrictions = permit_mynetworks reject_unauth_destination > ${djigzo_rbl_clients} > ${djigzo_reject_unverified_recipient? reject_unverified_recipient} > unverified_recipient_reject_code = ${djigzo_unverified_recipient_reject_code} > smtpd_discard_ehlo_keywords = silent-discard, dsn, etrn > smtpd_etrn_restrictions = reject > local_transport = error:local mail delivery is disabled > local_recipient_maps = > alias_maps = hash:/etc/aliases > alias_database = hash:/etc/aliases > message_size_limit = ${djigzo_after_filter_message_size_limit} > mailbox_size_limit = ${djigzo_mailbox_size_limit} > queue_minfree = ${djigzo_calculated_queue_minfree} > smtpd_authorized_xforward_hosts = 127.0.0.1/32 > content_filter = djigzo:[127.0.0.1]:10025 > > smtpd_tls_cert_file = /etc/pki/tls/certs/postfix.pem > smtpd_tls_key_file = /etc/pki/tls/private/postfix.key > smtpd_tls_security_level = may > smtpd_tls_received_header = yes > smtpd_tls_loglevel = 1 > tls_preempt_cipherlist = yes > smtpd_tls_protocols = !SSLv2, !SSLv3 > smtpd_tls_mandatory_protocols = $smtpd_tls_protocols > smtpd_tls_exclude_ciphers = AESCCM8, aNULL, ARIA, DES, DSS, eNULL, EXPORT, > IDEA, MD5, PSK, RC4, SEED > smtp_tls_CAfile = /etc/pki/ca-trust/extracted/pem/ColdLogixCA-chain.pem > smtp_tls_security_level = may > smtp_tls_loglevel = 1 > smtp_tls_protocols = $smtpd_tls_protocols > smtp_tls_mandatory_protocols = $smtpd_tls_mandatory_protocols > smtp_tls_exclude_ciphers = $smtpd_tls_exclude_ciphers > smtp_sasl_auth_enable = yes > smtp_sasl_password_maps = hash:/etc/postfix/smtp_client_passwd > smtp_sasl_type = cyrus > smtp_sasl_security_options = > mail_name = CipherMail > smtpd_banner = $myhostname ESMTP $mail_name > append_dot_mydomain = no > biff = no > recipient_delimiter = + > notify_classes = > enable_long_queue_ids = yes > smtp_address_preference = ipv4 > > > and master.cf: > > smtp inet n - n - - smtpd > -o message_size_limit=${djigzo_before_filter_message_size_limit} > pickup fifo n - n 60 1 pickup > cleanup unix n - n - 0 cleanup > qmgr fifo n - n 300 1 qmgr > tlsmgr unix - - n 1000? 1 tlsmgr > rewrite unix - - n - - trivial-rewrite > bounce unix - - n - 0 bounce > defer unix - - n - 0 bounce > trace unix - - n - 0 bounce > verify unix - - n - 1 verify > flush unix n - n 1000? 0 flush > proxymap unix - - n - - proxymap > proxywrite unix - - n - 1 proxymap > smtp unix - - n - - smtp > relay unix - - n - - smtp > -o smtp_fallback_relay= > showq unix n - n - - showq > error unix - - n - - error > retry unix - - n - - error > discard unix - - n - - discard > virtual unix - n n - - virtual > lmtp unix - - n - - lmtp > anvil unix - - n - 1 anvil > scache unix - - n - 1 scache > djigzo unix - - n - 4 smtp > -o smtp_send_xforward_command=yes > -o disable_dns_lookups=yes > -o smtp_generic_maps= > cleanup_reinject unix n - n - 0 cleanup > -o hopcount_limit=100 > 127.0.0.1:10026 inet n - n - 10 smtpd > -o content_filter= > -o > receive_override_options=no_unknown_recipient_checks,no_header_body_checks,no_milters > -o smtpd_helo_restrictions= > -o smtpd_client_restrictions= > -o smtpd_sender_restrictions= > -o smtpd_recipient_restrictions=permit_mynetworks,reject > -o smtpd_tls_security_level= > -o mynetworks=127.0.0.0/8 > -o smtpd_authorized_xforward_hosts=127.0.0.0/8 > -o smtpd_authorized_xclient_hosts=127.0.0.0/8 > -o cleanup_service_name=cleanup_reinject > smtps inet n - y - - smtpd > -o content_filter= > -o > receive_override_options=no_unknown_recipient_checks,no_header_body_checks,no_milters > -o smtpd_helo_restrictions= > -o smtpd_client_restrictions= > -o smtpd_sender_restrictions= > -o smtpd_recipient_restrictions=permit_mynetworks,reject > -o smtpd_tls_security_level= > -o mynetworks=127.0.0.0/8 > -o smtpd_authorized_xforward_hosts=127.0.0.0/8 > -o smtpd_authorized_xclient_hosts=127.0.0.0/8 > -o cleanup_service_name=cleanup_reinject > submission inet n - y - - smtpd > -o content_filter= > -o > receive_override_options=no_unknown_recipient_checks,no_header_body_checks,no_milters > -o smtpd_helo_restrictions= > -o smtpd_client_restrictions= > -o smtpd_sender_restrictions= > -o smtpd_recipient_restrictions=permit_mynetworks,reject > -o smtpd_tls_security_level= > -o mynetworks=127.0.0.0/8 > -o smtpd_authorized_xforward_hosts=127.0.0.0/8 > -o smtpd_authorized_xclient_hosts=127.0.0.0/8 > -o cleanup_service_name=cleanup_reinject > 127.0.0.1:10027 inet n - n - 10 smtpd > -o smtpd_helo_restrictions= > -o smtpd_client_restrictions= > -o smtpd_sender_restrictions= > -o smtpd_recipient_restrictions=permit_mynetworks,reject > -o smtpd_tls_security_level= > -o mynetworks=127.0.0.0/8 > -o syslog_name=postfix/10027 > -o message_size_limit=${djigzo_before_filter_message_size_limit} > > All settings from the Ciphermail interface is set up with “inherit” for all > the options. > > Using version 5.0.4: > > rpm -qa | grep djig > djigzo-web-5.0.4-1.noarch > djigzo-5.0.4-1.noarch > > Mail is set to relay to another postfix host for its final destination. > > -jeremy > > > > On Jul 20, 2021, at 9:30 AM, Jeremy Hansen via Users > > <[email protected]> wrote: > > > > > > > >> On Jul 20, 2021, at 7:56 AM, Martijn Brinkers via Users > >> <[email protected]> wrote: > >> > >> > >> > >> > >>> On Thu, 2021-07-15 at 01:13 -0400, Jeremy Hansen via Users wrote: > >>> I noticed if I sent a message that is encrypted at the client, > >>> ciphermail will encrypt that message again and the original message > >>> is sent as an attachment. > >> > >> What type of encryption is applied at the client side and what > >> encryption is applied server side? > > > > PGP on both sides. > > > >> > >>> I also noticed if I send a message from a host using something like > >>> mailx, the body of the message is never included in the email. > >> > >> What do you mean with "the body of the message is never included in the > >> email"? > > > > echo test | mail -s Test [email protected] > > > > The message comes through encrypted but I don’t see “test” in the body of > > the email. > > > > Thank you! > > > >> > >> Kind regards, > >> > >> Martijn Brinkers > >> > >> -- > >> CipherMail email encryption > >> Email encryption with support for S/MIME, > >> Ope > >> nPGP, PDF Messenger and Webmail Messenger > >> >
signature.asc
Description: Message signed with OpenPGP
