Thank you for the help. It’s much appreciated. Seems to be working so far.
-jeremy > On Wednesday, Jul 28, 2021 at 6:52 AM, Martijn Brinkers > <[email protected] (mailto:[email protected])> wrote: > By default, the gateway does not check whether the message is already > PGP encrypted and therefore it will be double encrypted if the gateway > has a valid PGP key for the recipient. > > Why there is no check for already encrypted PGP message is because > checking this for PGP is not always easy/reliable. With PGP/Inline, you > cannot reliably detect whether every part of the email is encrypted. > For example how should the gateway react if some MIME part is encrypted > or not but the other parts are not? With PGP/Inline it's also hard to > detect whether a MIME part is really encrypted or not. > > For example is the following part encrypted? Or is it just an example > of an encrypted inline part which is not valid: > > -----BEGIN PGP MESSAGE----- > BLABLA > -----END PGP MESSAGE----- > > With PGP/Inline you can have mixed content, i.e., some parts of the > body are encrypted and some parts are not. > > Checking PGP/MIME is easier because there is a clear and distinct > content type. You might add a check which checks the content type for > PGP/MIME encryption and skip further handling. > > Why has this not been added? Various reasons, historical and the fact > that this has never been requested. If you want to support encryption > on the desktop and on the gateway, the best would be to not add a valid > key for the recipient on the gateway. > > That said, you can add the following snippet to config.xml to skip > further encryption if the message is already PGP/MIME encrypted (to be > precise if the content type contains a specific protocol value) > > Add the following check just below the existing "message is already > S/MIME encrypted" part (add to config.xml) > > <mailet match="HeaderValueRegEx=matchOnError=false,content- > type=(?i)protocol="application/pgp-encrypted"" > class="GotoProcessor"> > <log> message is already PGP/MIME encrypted </log> > <processor> dkim-sign </processor> > </mailet> > > > After adding the above snippet, the back-end should be restarted. > > Kind regards, > > Martijn Brinkers > > On Tue, 2021-07-20 at 10:30 -0400, Jeremy Hansen wrote: > > > On Jul 20, 2021, at 7:56 AM, Martijn Brinkers via Users < > > > [email protected]> wrote: > > > > > > > > > > > > > > > > On Thu, 2021-07-15 at 01:13 -0400, Jeremy Hansen via Users wrote: > > > > I noticed if I sent a message that is encrypted at the client, > > > > ciphermail will encrypt that message again and the original > > > > message > > > > is sent as an attachment. > > > > > > What type of encryption is applied at the client side and what > > > encryption is applied server side? > > > > PGP on both sides. > > > > > > I also noticed if I send a message from a host using something > > > > like > > > > mailx, the body of the message is never included in the email. > > > > > > What do you mean with "the body of the message is never included in > > > the > > > email"? > > > > echo test | mail -s Test [email protected] > > > > The message comes through encrypted but I don’t see “test” in the > > body of the email. > > > > Thank you! > > > > > Kind regards, > > > > > > Martijn Brinkers > > > > > > -- > > > CipherMail email encryption > > > Email encryption with support for S/MIME, > > > Ope > > > nPGP, PDF Messenger and Webmail Messenger > > > > -- > CipherMail email encryption > Email encryption with support for S/MIME, > OpenPGP, PDF Messenger and Webmail Messenger
signature.asc
Description: PGP signature
