no way to compare when less than two revisions
Unterschiede
Hier werden die Unterschiede zwischen zwei Versionen angezeigt.
— | centos:mail_c7:mta_10 [29.01.2016 12:02. ] (aktuell) – angelegt django | ||
---|---|---|---|
Zeile 1: | Zeile 1: | ||
+ | ====== OPENPGP DNS & Milter ====== | ||
+ | |||
+ | |||
+ | # yum install hash-slinger | ||
+ | |||
+ | # rpm -qil hash-slinger | ||
+ | < | ||
+ | Version | ||
+ | Release | ||
+ | Architecture: | ||
+ | Install Date: Fri 22 Jan 2016 10:12:33 AM CET | ||
+ | Group : Applications/ | ||
+ | Size : 88902 | ||
+ | License | ||
+ | Signature | ||
+ | Source RPM : hash-slinger-2.7-1.el7.src.rpm | ||
+ | Build Date : Sun 03 Jan 2016 01:34:40 AM CET | ||
+ | Build Host : buildppcle-05.phx2.fedoraproject.org | ||
+ | Relocations : (not relocatable) | ||
+ | Packager | ||
+ | Vendor | ||
+ | URL : http:// | ||
+ | Summary | ||
+ | Description : | ||
+ | This package contains various tools to generate special DNS records: | ||
+ | |||
+ | sshfp | ||
+ | or ssh-keyscan | ||
+ | tlsa Generate RFC-6698 | ||
+ | openpgpkey | ||
+ | keyrings | ||
+ | ipseckey | ||
+ | IPsec servers | ||
+ | |||
+ | This package supersedes ' | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | |||
+ | |||
+ | $ openpgpkey --fetch --uid 2 michael@nausch.org | ||
+ | < | ||
+ | Comment: michael@nausch.org key obtained from DNS | ||
+ | Comment: key transfer was protected by DNSSEC | ||
+ | Version: GnuPG v2.0.22 (GNU/ | ||
+ | |||
+ | mQINBFI9/ | ||
+ | k997kartujdknbuAsVKpqh4kVjj7SA1/ | ||
+ | Gq2zODnopuueIp0VZlKc+WlspS0NGfNiIrywEEt7joL25YqgDwejsmYiWlbd3Qnh | ||
+ | TKqlAXn6g7VZA1Bk3K7OBkV6RY7vlIrKmeefHkLrU4B2+02Two2w4tP15l9iXOUT | ||
+ | o/ | ||
+ | v0QJlplFXIvIyMJMnrKD7z+AmuACwZoAUnG9IXipb439axPje1lQMN/ | ||
+ | lsc+ctGAOmPrIVBZaeBznu5bMx+l0y2nb/ | ||
+ | Oo5ZFY/ | ||
+ | Tmyfcs71HdUGOcr2D++HPjF6XFOPvmJ/ | ||
+ | ot/ | ||
+ | ceDbEnuV5J0+OdZRwQurZdbDA0w7N+6Q7hdPKS6pCjQEJXGHthz1ojO0qQARAQAB | ||
+ | tCNNaWNoYWVsIE5hdXNjaCA8bWljaGFlbEBuYXVzY2gub3JnPokCPQQTAQgAJwUC | ||
+ | Uj39TQIbAwUJBKKGAAULCQgHAwUVCgkICwUWAwIBAAIeAQIXgAAKCRAHTs9hUKa/ | ||
+ | 7bVYD/ | ||
+ | FF2zzK3HeiofyVTAMkYtLxZcmAQw32YtTvSEa9RyibOl21ayCuVyeYSpjcsOYglS | ||
+ | G3I82uPpMj8ob/ | ||
+ | zqQ8ImKNJlA8CfuRTGlpaxoh3VP0sjKIUhqC3yuw64fAU/ | ||
+ | hHKhdwMj9gmh/ | ||
+ | 6RUP5XXpHPgcl8ffQJEq51rZHs8YXWQnFvGL9+T2YK2AXPrEHP1FeS8MWTX1GKWa | ||
+ | Rs4r5Ax5iosw+h/ | ||
+ | Qr0PCwWMp9QXw/ | ||
+ | AWGCvRSSucBV+nCr1/ | ||
+ | 5vEpukoRLYmLiNhsfm1wJeqjhCvfrec48t1jLYQDkC+O2+uuVMvbdA6eR8T1WCpk | ||
+ | lxcnyP0KZbRellLoFzxQbQl6rBU1I1axyxz4VbkXzEfRISeaDLQ2TWljaGFlbCBO | ||
+ | YXVzY2ggKGFrYSBEamFuZ28gW0JPZkhdKSA8ZGphbmdvQG5hdXNjaC5vcmc+iQI9 | ||
+ | BBMBCAAnBQJSPgXoAhsDBQkEooYABQsJCAcDBRUKCQgLBRYDAgEAAh4BAheAAAoJ | ||
+ | EAdOz2FQpr/ | ||
+ | jsKoJ6Z/ | ||
+ | gWpNIT7gXa7ngfipgrVXZGUZwU0roRdqZ1CZ94e76FtYUjMNnZ6KlbPJQZCN3S/ | ||
+ | 91DoQGCJrVpWqNOTHB5nZaHFGyWWdIAYBr5pjFboHzTGtYU1W6y248bmUafIyBk6 | ||
+ | Z6p4oMVyPsGFes7IRseUBJhClEPYYCY8+fFbmpGTvfpHM5X/ | ||
+ | o4MskoQHNKz5kDzIF4uDUNIQq8ZkoxvuiPlaZsk4/ | ||
+ | iuEuqz+MdtQQz3TwogVc2VPC5JtrQEWWC9cikTVX71l9DpisP/ | ||
+ | h/ | ||
+ | ueJRp92M93WaQzvxsTD6kurPxkvTTlaGo7LHf/ | ||
+ | C5NITtBaLcXiJvAmZS3ZfhSsiK8YdQF+BJi+B7mjZGqcqUT+gZsPKQuahcX+2SbE | ||
+ | 2X0ID5QznRmX1HWCm+CQcATaErNTJT+Ika037kDN2kq233H4UTOIZcHLjV/ | ||
+ | aWNoYWVsIE5hdXNjaCAoYWthIEJpZ0NoaWVmKSA8YmlnY2hpZWZAb21uaTEyOC5k | ||
+ | ZT6JAj0EEwEIACcFAlI+BiACGwMFCQSihgAFCwkIBwMFFQoJCAsFFgMCAQACHgEC | ||
+ | F4AACgkQB07PYVCmv+1jFA// | ||
+ | 1z6rD3+5v4HS7Oz7nUv8SOYkB/ | ||
+ | ocjYPXHvWdGLVmbwCmPLjoA72ct4SH4gyLRNZH0dvUPT8vfXEKRIaiCNB7ht93UJ | ||
+ | XcDn97DY54q+EfxkywVmlK1EYmNN+3EUuBPNVpumC+6Zy3u/ | ||
+ | I+d2EPSBOw1MYihYfqYLRKGziTTEJmvUEt5pnI5S9uE0IqedAOUTdjwhOnzyJk+P | ||
+ | ulEGnhtoJ1v0DIYEYiIEaVPIp8Pax151QbnYDSPIe+WlOpbG3C1Yb8CTz65FpcwS | ||
+ | jG84GjoTrapePWj07PwwAC5+/ | ||
+ | HwYStsZ3Xgn/ | ||
+ | rHCHML0CINa7/ | ||
+ | oAXO9DJn6AcgAJHSpopQJgTqfez8djL5j34kjiGXncqv3CZNDiVzeoTTjDG41Rmy | ||
+ | HhSUKpyo8WGkvmhIXWzbcMrxEueclyppMgSqb2JCl0iIFu1Uu7Wg7qRPygZLXAdT | ||
+ | kuq5Ag0EUj39TQEQAMIfFbJQ8x/ | ||
+ | BWYq1q2j3NiQAljpWyc4sX/ | ||
+ | 6/ | ||
+ | 1XNc/ | ||
+ | pTb4jKRClj2grOyUfyPs4vLbWta5T4H2JLsD289JmRSOFu9KRQwqc0hDHnYFs1Uu | ||
+ | 90HPJHzQ/ | ||
+ | VcwjHFdq7uijJrjkzl3LI3OC7wIX5XDk2kTh2fmp/ | ||
+ | suLWlgJD6MorOB8qyA3hSjAhA/ | ||
+ | O6xEALS8SKruVL97avxulLQ5X1vc7JgM1C/ | ||
+ | ELotiG1QaGtocgH2dNnDklwx4RJ0W5IJGxei9fUA2YOvy9SvAYINpmWKZJuDiiNO | ||
+ | YR5OjcywXvTcYglxgcDwpSk0xw/ | ||
+ | AAGJAiUEGAEIAA8FAlI9/ | ||
+ | CsnPPrEUZNYbdvawm4EN0jEtNYc0EFY/ | ||
+ | VKZVK1CYKJ5kG8Gv3sTzlTbvC1i1xFH9HO+NZFQqG1WupG8zVKsLJoIHUkplA7lO | ||
+ | ZfA0z262VH4JJaQU6tv7WQXbEEaXUpa0hsoJmvei/ | ||
+ | t4H1YQGZk7sely/ | ||
+ | kUjAF8EB3kw2cyB++LgOyrqVFbxkO/ | ||
+ | CS+64+snMskT88mvkRkcc7OBYhITKnn2XDuSBkWiw6UAFFoKgb1ZCBnMMnG086ZD | ||
+ | WMLZkCQ1nL8pX7wPdyUU9YP9U5YvTYeuCrNpNy7xM3l5BEFK/ | ||
+ | LymqM80MuSVRgQrFdxJAFgHN+ziRw9v+VRijWzmufeHkqUo77BVot9mDmouAiUGw | ||
+ | cK1hGL0Nl34rgN6gOETPzGLiOLBmytVW/ | ||
+ | 2LeJPxcPjsBJa3h05QwIaZo18Wb9esnjBjzjV4fRY0+akiJw/ | ||
+ | / | ||
+ | =usnJ | ||
+ | -----END PGP PUBLIC KEY BLOCK-----</ | ||
+ | |||
+ | |||
+ | # yum install openpgpkey-milter -y | ||
+ | |||
+ | # rpm -qil openpgpkey-milter | ||
+ | < | ||
+ | Version | ||
+ | Release | ||
+ | Architecture: | ||
+ | Install Date: Fri 29 Jan 2016 12:35:15 PM CET | ||
+ | Group : System Environment/ | ||
+ | Size : 50233 | ||
+ | License | ||
+ | Signature | ||
+ | Source RPM : openpgpkey-milter-0.5-1.el7.src.rpm | ||
+ | Build Date : Mon 04 Jan 2016 01:08:27 AM CET | ||
+ | Build Host : bvirthost02-nfs.phx2.fedoraproject.org | ||
+ | Relocations : (not relocatable) | ||
+ | Packager | ||
+ | Vendor | ||
+ | URL : ftp:// | ||
+ | Summary | ||
+ | Description : | ||
+ | The openpgpkey-milter package provides a milter plugin for sendmail or postfix | ||
+ | that will automatically encrypt plaintext emails if the target recipient is | ||
+ | publishing an OPENPGPKEY record protected with DNSSEC. This is currently an | ||
+ | IETF draft (draft-wouters-dane-openpgp) | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | |||
+ | ==== README ==== | ||
+ | |||
+ | # less / | ||
+ | < | ||
+ | WARNING | ||
+ | ======= | ||
+ | |||
+ | This is pre-release software. It's only been testing by me on my personal | ||
+ | postfix server. Running this anywhere on a production machine might cost | ||
+ | you your job, although afterwards please do let me know how it failed you | ||
+ | so I can fix it. | ||
+ | |||
+ | openpgpkey-milter | ||
+ | ----------------- | ||
+ | |||
+ | openpgpkey-milter is a sendmail/ | ||
+ | to automatically OpenPGP encrypt plaintext emails received by the MTA/MUA | ||
+ | before relaying the message further towards the recipient(s). These can be | ||
+ | messages received from the network, or generated locally. | ||
+ | |||
+ | Requirements | ||
+ | ------------ | ||
+ | Apart from requiring a milter compatible mail server (postfix or sendmail), | ||
+ | openpgpkey-milter requires: | ||
+ | |||
+ | * python-unbound / unbound-python (in all major distros) | ||
+ | * python-milter / python-pymilter (in all major distros) | ||
+ | * [python-gnupg](http:// | ||
+ | (older versions might need a [patch](http:// | ||
+ | * gnupg, libmilter, etc which are dragged in dependancies by the above packages | ||
+ | |||
+ | Recommended | ||
+ | ----------- | ||
+ | |||
+ | The [hash-slinger](http:// | ||
+ | package contains an " | ||
+ | verify your own OPENPGPKEY records. | ||
+ | |||
+ | How does it work | ||
+ | ---------------- | ||
+ | |||
+ | openpgpkey-milter detects when a message is not encrypted with gpg and | ||
+ | then checks all the recipients to see if they published the special | ||
+ | [OPENPGPKEY](http:// | ||
+ | |||
+ | Configuration of the milter service | ||
+ | ----------------------------------- | ||
+ | |||
+ | To use openpgpkey-milter with postfix, add to `/ | ||
+ | |||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | |||
+ | If you run `opendkim`, ensure you add openpgpkey-milter **before** opendkim | ||
+ | or you'll break the opendkim signatures. For the fedora/rhel configuration | ||
+ | where opendkims uses port 8891, you can use the following: | ||
+ | |||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | |||
+ | Mailing list and bug reports | ||
+ | ---------------------------- | ||
+ | |||
+ | There is no mailing list yet. Please send questions and bug reports | ||
+ | to paul@nohats.ca. However if you run openpgpkey-milter on your mail | ||
+ | server and it broke, you might be better of mailing me at the unsigned | ||
+ | domain paul@cypherpunks.ca. | ||
+ | |||
+ | </ | ||
+ | |||
+ | ====== openpgpkey-milter ====== | ||
+ | |||
+ | nix zu tun | ||
+ | |||
+ | # vim / | ||
+ | <file bash / | ||
+ | </ | ||
+ | |||
+ | |||
+ | # systemctl start openpgpkey-milter | ||
+ | |||
+ | |||
+ | # systemctl status openpgpkey-milter | ||
+ | < | ||
+ | | ||
+ | | ||
+ | Main PID: 3880 (openpgpkey-milt) | ||
+ | | ||
+ | | ||
+ | | ||
+ | |||
+ | Jan 29 12:45:19 vml000087.dmz.nausch.org systemd[1]: Started OPENPGPKEY auto encryption milter. | ||
+ | Jan 29 12:45:19 vml000087.dmz.nausch.org systemd[1]: Starting OPENPGPKEY auto encryption milter... | ||
+ | Jan 29 12:45:20 vml000087.dmz.nausch.org openpgpkey-milter[3880]: | ||
+ | Jan 29 12:45:20 vml000087.dmz.nausch.org openpgpkey-milter[3880]: | ||