On 07/17/2014 09:31 PM, Peter Haufschild wrote: > Hello Martijn, > > I patched the config.xml and than I get a Signatur. But this is > like an attachment called signatur.asc I expect something like: > > alice% gpg --clearsign doc > > You need a passphrase to unlock the secret key for user: "Alice > (Judge) <[email protected]>" 1024-bit DSA key, ID BB7576AC, created > 1999-06-04 > > [...] > > How could I verify this signatur.asc? > > gpg --verify signature.asc gpg: no signed data gpg: can't hash > datafile: No data > > cat signature.asc -----BEGIN PGP SIGNATURE----- Version: CIPHERMAIL > (2.8.6-2) > > iQIcBAABCgAGBQJTx/FgAAoJEFsAK2UosMjTdUoP/j7NjGvuu5/z4rcoc0HlVeO3 > idTGpdhaPmOc/j5zzl9x7QXOMP5zcw9/MAouF5iUaVpB9oZ+Gs1aVKndljkHSTQN > JFwwixD8fsWprU+ixGjMBufXYflrkTIBqMCTlLnMfXWjzJvz+IJYRZ16n5b/Wseb > Ofui/Zv/4JoxAC+Il+gmNWHvOuupj6Qav6x0pCTVr8c4CvvZsU6n14uEpwjSDO5d > Fu8CrCC50OpSz0OA00kWHNPJQnPkErTIRszFtK217+6e7MfRjWaCH9WwWMNRj+// > TKHhcHVHPYc5Ob7A8leTpXoi6Rus7IEeEloSXIlpIAUtDkACnmQcM2eQ/Mrvu9MI > YTu2HESWvj/MB5023oKHdVH4mCjRRktJ5AK2GAleSTfzDUiVkhLHlATNKs7QmnEq > AD7wSqGSGWkQFBhgirf+7JZswbitZsnzf0Mqwa/IIylOzBkbg/1eQP6Adi4+OGuQ > /KVJIANafUQ2rC8sWpwMX1JFvGASDsXd/OGYz4iwQCUSSCXEpN+JGTSqZ3sjtztn > s8FB5ijtUL9ZAVUcU2BcCPXisZR5SBxfHvgXuhfRoLnHS6iytnmPvgZOrTak1xD+ > BMjdg1e4yeFD9A36i7QuUTrvHleKGAYCcwKjXIj+pv5wfeARDAUrv+w4mU9bm66t > VoovSmWdPgKs0Ph6ai9O =deNN -----END PGP SIGNATURE-----
With PGP you have two ways to encode your message: PGP/MIME and PGP/INLINE (also known as PGP traditional). PGP/MIME signs and/or encrypts the complete MIME message. The main benefit of PGP/MIME is that it better supports attachments and that HTML email is supported. However some PGP clients do not support PGP/MIME and they require PGP/INLINE. I guess you want PGP/INLINE and not PGP/MIME. The downside of PGP/INLINE is that HTML email is not supported. There are hacks to support HTML but it is a hack and currently not supported by Ciphermail. If a message only contains HTML, the HTML will be converted to text before signing. Since PGP/MIME is generally advised, PGP/MIME is set as the default encoding. To enable PGP/INLINE, set "PGP encoding" to PGP/INLINE (this is for outgoing email, for incoming email the equivalent setting is "Incoming PGP/INLINE enable"). BTW you can validate a PGP/MIME message on the command line by using the complete MIME message (i.e., including attachments) as the input to gpg. Kind regards, Martijn Brinkers > Von: [email protected] > [[email protected]]" im Auftrag von "Martijn > Brinkers [[email protected]] Gesendet: Dienstag, 15. Juli 2014 > 15:12 An: [email protected] Betreff: Re: [Djigzo users] force > sign all outgoing mails > > On 07/15/2014 02:44 PM, Thomas Bäumer wrote: >> >>>> I want to use a very simple setup: I want to sign all >>>> outgoing mails from "[email protected]" to any destination. >>>> >> >>> Hi Thomas, >> >>> PGP sign only was not (yet) added. It will be added to the >>> next release though. You can however add PGP signing by >>> modifying config.xml (config.xml describes the mail flow). The >>> attached patch will add a matcher that will trigger when the >>> sender has set the advanced custom 1 property to "true" >>> (without the quotes). I also attached the complete config.xml >>> so you can replace the existing (make a backup first) with the >>> new one without using the patch. After replacing or modifying >>> config.xml, you need to restart the back-end >> >>> sudo /etc/init.d/djigzo restart >> >>> After the restart set the advanced custom 1 property of the >>> sending user to "true" (without the quotes) to trigger PGP >>> sign only for this sender. Kind regards, Martijn Brinkers >> >> >> Hello Martijn, >> >> many thank you for this patch, now its working as requested. >> >> I didn't know that "PGP sign only" is not implemented yet. I >> thought this is a very basic operation. > > In principle it is, adding it only required some changes to > config.xml. The problem with PGP signing is that most recipients > (in general) do not know how to handle PGP signatures and that PGP > signing is mostly used by users who are already familiar with PGP. > We did not add signing yet because it might require changes to > other parts of config.xml as well. For example there are triggers > to force signing. Currently those triggers only trigger S/MIME > signing. We are investigating how to add PGP signing in a logical > way to make it work consistently. > >> Any idea when the next version which includes this will be >> released? > > We do not have a date yet. We will wait for some more feedback to > the latest release. > > Kind regards, > > Martijn Brinkers > > > -- CipherMail email encryption > > Open source email encryption gateway with support for S/MIME, > OpenPGP and PDF messaging. > > http://www.ciphermail.com > > Twitter: http://twitter.com/CipherMail > _______________________________________________ Users mailing list > [email protected] > https://lists.djigzo.com/lists/listinfo/users > > > > _______________________________________________ Users mailing list > [email protected] > https://lists.djigzo.com/lists/listinfo/users > -- CipherMail email encryption Open source email encryption gateway with support for S/MIME, OpenPGP and PDF messaging. http://www.ciphermail.com Twitter: http://twitter.com/CipherMail _______________________________________________ Users mailing list [email protected] https://lists.djigzo.com/lists/listinfo/users
