Re^7: Postfix: Piping an email into a PERL script

No, GPG does more than that.

By using public/private keys, GPG is able to tell who the message is actually from (assuming private keys were not stolen). The incoming message would be signed (encryption of the message isn't necessary) by the user's private key, and you'd then use that person's public key to verify that it was actually sent by that person.

Thus, by using GPG, you don't need to implicitly trust the headers, you can verify if the header has been spoofed or not.

-Scott

Comment on Re^7: Postfix: Piping an email into a PERL script

Replies are listed 'Best First'.
Re^8: Postfix: Piping an email into a PERL script by Zzenmonk (Sexton) on May 22, 2013 at 15:01 UTC
Ok! I will make it short. My post is about piping an email into a Perl script without fooling around with the local mailer definition of postfix (see the other post here). Basically my solution simulates the smrsh feature of sendmail. I do not intend to discuss more than this here. The topic of email security is of an other order of magnitude. As stated you can only protect your emails by encrypting of the communication link like https. This is only available if you use IPV6. Facts are security is matter of time and resources. With an infinite amount of time or infinite resources you can breach any security feature, even PGP. Now to round up the case, to read the content of an encrypted email, you first capture it from the Net, for example with tcpdump. Next you write a program and you crack it.(dot) Depending on the encryption used, this may last several centuries. Of course you can make like EFF, that just created a machine dedicated to crack the DES encryption in 1998.(dot again) If the communication link is not encrypted it will be pretty easy to capture interesting emails and to proceed with the above classical procedure. If the link is encrypted, it will be very difficult to find the mails your are looking for, potentially it will be impossible. (last dot) K The best medicine against depression is a cold beer!	[reply]

Replies are listed 'Best First'.

Re^8: Postfix: Piping an email into a PERL script
by Zzenmonk (Sexton) on May 22, 2013 at 15:01 UTC

Ok! I will make it short. My post is about piping an email into a Perl script without fooling around with the local mailer definition of postfix (see the other post here). Basically my solution simulates the smrsh feature of sendmail. I do not intend to discuss more than this here.

The topic of email security is of an other order of magnitude. As stated you can only protect your emails by encrypting of the communication link like https. This is only available if you use IPV6.

Facts are security is matter of time and resources. With an infinite amount of time or infinite resources you can breach any security feature, even PGP.

Now to round up the case, to read the content of an encrypted email, you first capture it from the Net, for example with tcpdump. Next you write a program and you crack it.(dot) Depending on the encryption used, this may last several centuries. Of course you can make like EFF, that just created a machine dedicated to crack the DES encryption in 1998.(dot again)

If the communication link is not encrypted it will be pretty easy to capture interesting emails and to proceed with the above classical procedure. If the link is encrypted, it will be very difficult to find the mails your are looking for, potentially it will be impossible. (last dot)

The best medicine against depression is a cold beer!

[reply]