signing-milter enables you to s/mime sign an ordinary mail while passing a MTA. It is written in C and tested with the postfix MTA. It should work with any MTA implementing the milter protocol.
Signing emails allows the receiver to trust the content much more then only relying on the senderaddress. So signing mails is a way to a increase your reputation. Sometimes you are unable to sign all mail as a person using an MUA. You may want to sign all mails generated by your trusted system. Here signing-milter may help.
There are two standards for signing mail: PGP and S/MIME. signing-milter supports S/MIME.
While you inject plain, wellformatted mail into your MTA, signing-milter capture the whole mail, extracts the envelope sender and consults a lookuptable to find a corresponding private key and certificate. If all matches, the MTA is instructed via the milter protocol to replace the whole mailbody with a signed one. The mailheaders are properly adjusted to reflect changed content-types and mime format.
The current version of signing-milter is signing-milter_2015030801. Older Releases are available from https://signing-milter.org/download.
Demonstrating signed mails is a little bit boring. Neverless we setup a autoresponder replying with a signed mail. The certificate used by the autoresponder is issued by CACert.org. Ask for permission to use this service at regular intervals.
Currently there is no more documentation then the manpage, the code itself and this Wiki. Feel free to add content to this wiki!
There are lists for general discussion and announcements.
signing-milter is licensed unter the terms of GNU General Public License as published by the Free Software Foundation. Only version 2 of the License is applicable.
signing-milter was written by Andreas Schulze. Portions of code are inspired or copied from postfix. Many inspirations I also found in amavisd-milter and opendkim.
You may contact the author per e-mail: author at signing-milter.org.