mpeppler has asked for the wisdom of the Perl Monks concerning the following question:

I've been asked to look into enabling digitally signing all or part of the outgoing email at a client site.

Being rather unfamiliar with all things crypto (well, other than ssh :-) I've been looking around on CPAN and elsewhere, and so far I've come up with the following ideas:

I've found OpenCA::OpenSSL::SMIME that appears to be appropriate for this functionality, but I'm not sure how to tie this into MIMEdefang (though I will start experimenting in a few minutes :-).

Have any other monks any experience with this sort of thing, and could offer suggestions as to how best to proceed?

Thanks!

Michael

PS: The company in question does have a valid e-commerce SSL certificate that we can use to sign the messages.

Replies are listed 'Best First'.
Re: Automatically signing outgoing email
by demerphq (Chancellor) on Dec 06, 2003 at 10:36 UTC

    SMIME is an interesting protocol that is a bit tricky to implement. Its tricky to _create_ an SMIME mail in the first place as email content changes every step through the email transition. This of course means the digest must be calculated for only a portion of the mail (the secure part). When I had to do this it meant constructing a headerless multipart MIME mail, and then using OpenSSL (iirc) to sign it.

    I did a bit of research into setting up a secure email gateway once, and I reckon it would behave similarly. A mail is received by the gateway. It would remove the preexisting headers, use the sender name to lookup a certificate, sign the content, and then put the headers back on.

    Incidentally we used MIME::Parser/MIME::Entity to handle the mime stuff.... And it looks like the module you refernce is just the thing to do all of this. It looks like it handles all the tricky stuff we had to hand code.

    Incidentally if you do a super search for my name and SMIME I think you will find some code we wrote ages back to do our signing. (That I had permission to release) Its probably out of date and not very useful but it may be worth a quick gander. I dont remember. :-)


    ---
    demerphq

      First they ignore you, then they laugh at you, then they fight you, then you win.
      -- Gandhi

[reply]
[d/l]
      Thanks - I will definitely take a look!

      Michael

[reply]
Re: Automatically signing outgoing email
by MidLifeXis (Monsignor) on Dec 05, 2003 at 22:31 UTC

    I assume that there is no way for userA to inject mail as userB into the system (as you can using SMTP, for example). If you cannot gaurantee this, then you are just signing that you think the user who generated this message is userB.

    The closer you can put the signing to the user, the less likely someone else was able to inject a bogus message into the stream, and the more confidence you can have in the signature.

    --MidLifeXis

[reply]
      I fully understand these issues - I think I can tie down the SMTP server to limit the risk of someone sending mail as someone else and subverting the signature. Though as you point out I'm not 100% sure that the whole thing is such a great idea, and maybe it'd be better to add the signing to the email sending process.

      Michael

[reply]
Re: Automatically signing outgoing email
by hmerrill (Friar) on Dec 05, 2003 at 21:23 UTC
    Interesting problem to solve, but unfortunately I can't help (no experience with that sort of thing :-( ). I am interested though in what you figure out as a solution.
[reply]
      With MIMEdefang it's quite easy to add disclaimer footers and the like, but digitally signing a message is trickier :-)

      Guess it's time to start experimenting :-)

      Michael

[reply]

Back to Seekers of Perl Wisdom