5.2.23
Thursday, 21. November 2024

Diff for Wiki/Home between 42 and 43

[[toc]]

+ signing-milter

signing-milter enables you to s/mime sign an ordinary mail while passing a MTA. It is written in C and tested with the postfix MTA. It should work with any MTA implementing the [https://sources.debian.org/data/main/s/sendmail/8.15.2-12/libmilter/docs/index.html milter protocol].

News 2016-07-07: We have written another version of this milter in C++14.

++ Introduction
Signing emails allows the receiver to trust the content much more then only relying on the senderaddress. So signing mails is a way to a increase your reputation. Sometimes you are unable to sign all mail as a person using an MUA. You may want to sign all mails generated by your trusted system. Here **signing-milter** may help.

There are two standards for signing mail: PGP and S/MIME. **signing-milter** supports S/MIME.

While you inject plain, wellformatted mail into your MTA, **signing-milter** capture the whole mail, extracts the envelope sender and consults a lookuptable to find a corresponding private key and certificate. If all matches, the MTA is instructed via the milter protocol to replace the whole mailbody with a signed one. The mailheaders are properly adjusted to reflect changed content-types and mime format.

++ Download
The current version of **signing-milter** is [https://signing-milter.org/download/signing-milter-20210822.tar.gz signing-milter-20210822.tar.gz]. Older Releases are available from https://signing-milter.org/download.

You can download the C++ version named **sigh** on Github [https://github.com/croessner/sigh/archive/v1607.1.1.tar.gz v1607.1.1.tar.gz].

++ Demo
Demonstrating signed mails is a little bit boring. Neverless we setup a [mailto:echo%REMOVE_THIS@signing-milter.org autoresponder] replying with a signed mail. The certificate used by the autoresponder is sponsored by [https://datev.de[https://datev.com DATEV eG, Germany]. Ask for permission to use this service at regular intervals.

++ Documentation
Currently there is no more documentation then the [https://signing-milter.org/download/manpage.html manpage], the code itself and this Wiki. Feel free to add content to this wiki!

Documentation for **sigh** is included in the source tree of the project. See the README.build file for required dependencies and how to create the binary. There is also a man page and two example configuration files that describe in detail how to get the milter up and running.

* ((run|starting the milter))

++ Mailing-List
There are lists for [https://signing-milter.org/listarchive/users@signing-milter.org general discussion] and [https://signing-milter.org/listarchive/announce@signing-milter.org/ announcements].
* To subscribe, send an email to [mailto:users+subscribe@signing-milter.org users+subscribe@signing-milter.org].
* To unsubscribe, send an email to [mailto:users+unsubscribe@signing-milter.org users+unsubscribe@signing-milter.org].

++ License
**signing-milter** is licensed unter the terms of GNU General Public License as published by the Free Software Foundation. Only version 2 of the License is applicable.

**sigh** is licensed und the GNU General Public License version 3.

++ Author
**signing-milter** was written by Andreas Schulze. Portions of code are inspired or copied from [http://www.postfix.org postfix]. Many inspirations I also found in [http://amavisd-milter.sourceforge.net amavisd-milter] and [http://opendkim.org opendkim].

**sigh** was written by Christian Roessner. Some ideas are based on the original code from Andreas Schulze. As the code is written in C++, the OpenSSL part is mostly done with smart-pointers to prevent memrory leaks. Coding this way was based on ideas given by people on [https://stackoverflow.com stackoverflow].

++ Contact
You may contact the author per [mailto:schreiberling%REMOVE_THIS_at_signing-milter_dot_org e-mail] and the mailing lists.