[Mimedefang] sign email with pgp by sendmail/mimedefang
David F. Skoll
dfs at roaringpenguin.com
Wed Feb 9 10:05:12 EST 2005
On Wed, 9 Feb 2005, [UTF-8] Sebastian Jäschke wrote:
> I'm really new to mimedefang and wonder if the following is possible:
> We need sendmail to sign every email from a specific sender (authed
> by SMTP auth) with a default PGP key. This emails contains always
> text and a pdf attachment.
That's a really bad idea. You've now lowered the security of the signature
to the security of SMTP AUTH, and I'm willing to bet that the person's
password for SMTP AUTH is a lot weaker than his/her PGP passphrase.
Also, this means you need some mechanism for unattended signing, which means
if the Sendmail machine is ever compromised, an attacker can sign arbitrary
files.
Regards,
David.
More information about the MIMEDefang
mailing list