encryption?

[Scott Silva]

on 7-29-2008 2:16 AM Julian Field spake the following:
> 
> 
> Furnish, Trever G wrote:
>> This is slightly off-topic, but is anyone already doing the following or
>> do you know *how* to do the following with MailScanner and/or Sendmail?
>> Basically I'd like to tie in a Voltage for encryption, and it works
>> entirely based SMTP.
>>
>> If an email with a particular message header comes into the mailscanner
>> system that handles outbound email, I'd like to route it via SMTP over
>> to a Voltage server, which will accept the message, encrypt it, then
>> send it back.
>>
>> The bit I'm not sure how to do is re-routing a message based on the
>> presence of a particular header.  Imagine the head is simply
>> "X-Needs-Encryption: YES".  Is there a way to have MS or Sendmail send
>> that message elsewhere?  Would it have to change the SMTP recipient to
>> do so, or can we just hand off to the other system without changing the
>> SMTP recipient (as is done by sendmail when using the mailertable
>> feature)?
>>   
> You would probably have to change the SMTP recipient slightly to do it, 
> but you can probably do it in such a way that you could reconstruct the 
> original SMTP recipient again.
> 
> What I'm thinking of is a "SpamAssassin Rule Actions" setting. If you 
> added the original recipient list with "Add Envelope To Header = yes" 
> these would get logged in the header of the message. If you then wrote a 
> tiny SpamAssassin rule such as
> header  VOLTAGE_SPOTTER X-Needs-Encryption: =~ /YES/i
> describe VOLTAGE_SPOTTER Spot mail that needs encrypting
> score VOLTAGE_SPOTTER -0.01
> you could then use a SpamAssassin Rule Actions setting like this:
> SpamAssassin Rule Actions = VOLTAGE_SPOTTER=>forward 
> encryptme at voltage.mydomain.com
> 
> That would take all mail with the "X-Needs-Encryption: YES" header and 
> send it to encryptme at voltage.mydomain.com.
> 
> You then route that mail to your Voltage server with a 
> /etc/mail/mailertable line saying this:
> voltage.mydomain.com   esmtp:[my-voltage-server.mydomain.com]
> 
> Then your Voltage server needs to encrypt the mail coming to it via SMTP 
> from your MailScanner server. After it's encrypted it, it needs to 
> replace the original list of recipients with the contents of the 
> X-MailScanner-Envelope-To: header, and send it onwards to its final 
> destination. If you removed the X-Needs-Encryption: header in the 
> Voltage server as well, then you could even just pass it back to your 
> MailScanner server again for delivery.
> 
> I don't know if you have the source code, as I've never heard of 
> Voltage, but if you can mess with envelope recipients at all then the 
> above should be quite possible.
> 
> Is my explanation clear enough? Does it help at all?
> I do a similar (though simpler) trick to get all my email scanned for 
> images that might contain illegal (e.g. child porn, etc) content.
> 
> If anyone else is interested in scanning their mail for illegal image 
> content, please contact me off-list. I have a system running here which 
> works very well, but you need to sign an NDA before I can tell you much 
> about it.
> 
> 
> Jules
> 
Where does he get all those wonderful toys?  ;-D



-- 
MailScanner is like deodorant...
You hope everybody uses it, and
you notice quickly if they don't!!!!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 258 bytes
Desc: OpenPGP digital signature
Url : http://lists.mailscanner.info/pipermail/mailscanner/attachments/20080729/5804409e/signature.bin