https://github.com/cl0v1s/gpg-filter
Content Filter for Postfix, encrypt all incoming emails with public keys
https://github.com/cl0v1s/gpg-filter
email encryption mail privacy
Last synced: over 1 year ago
JSON representation
Content Filter for Postfix, encrypt all incoming emails with public keys
- Host: GitHub
- URL: https://github.com/cl0v1s/gpg-filter
- Owner: Cl0v1s
- Created: 2022-04-10T10:48:40.000Z (about 4 years ago)
- Default Branch: main
- Last Pushed: 2022-12-04T14:40:36.000Z (over 3 years ago)
- Last Synced: 2025-01-22T01:36:23.899Z (over 1 year ago)
- Topics: email, encryption, mail, privacy
- Language: Python
- Homepage:
- Size: 11.7 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# GPG Filter
This script is a simple content filter for Postfix.
It encrypts incoming emails using public keys saved in the configured gnupg home.
if no matching public key is available, the incoming e-mail will not be encrypted.
It was created as a [RFC 3156](https://datatracker.ietf.org/doc/rfc3156/) compliant alternative to [GPG-mailgate](https://github.com/fkrone/gpg-mailgate), since emails encrypted with the latter are not readable for most of the email clients with OpenPGP support.
## Requirements
* gnupg
* Python 3.6
* python-gnupg
## How to use
Please read the [official postfix documentation](https://www.postfix.org/FILTER_README.html#simple_filter).
1. Create a gpg-filter user with a home directory
2. Download the script and keep its path in mind, make the gpg-filter user owner of the script's directory
3. Edit /etc/postfix/master.cf and add the following at the end of the file
```
gpg-filter unix - n n - 10 pipe
flags=Rq user=gpg-filter null_sender=
argv=/usr/bin/python3 path/to/gpg-filter/main.py ${recipient}
```
4. Edit /etc/postfix/master.cf and edit the smtp service so it will use gpg-filter as a content-filter
```
# =============================================================
# service type private unpriv chroot wakeup maxproc command
# (yes) (yes) (yes) (never) (100)
# =============================================================
smtp inet ...other stuff here, do not change... smtpd
-o content_filter=gpg-filter:dummy
```
5. Edit the gpg-filter config.json file and set `gnupghome` to the .gnupg folder in the gpg-filter user's home directory
6. You can now add public keys to the gpg-filter user keyring with
```
sudo -u gpg-filter /usr/bin/gpg --import /some/public.key
```