7 Dec
2010
7 Dec
'10
11 p.m.
Hi
I checked the documentation of Perdition and I am not sure if the
following scenario can be implemented.
A Client (e.g. Outlook/TB) connects to a Perdition imap/pop proxy.
The proxy itself connects in turn to the real imap/pop server using the
credentials provided by client (possible switch of user_name).
Before an email gets delivered to the client, it will be processed by a
filter program which does some gpg processing (sig verification,
decryption), which is fully transparent for the client.
Can such a scenario be implemented with Perdition (ideally I would like
to write the filter program in perl :-) ).
Thanks,
Mike
8 Dec
8 Dec
1:50 a.m.
On Wed, Dec 08, 2010 at 12:00:00AM +0100, Mike Korizek wrote:
Hi
I checked the documentation of Perdition and I am not sure if the
following scenario can be implemented.
A Client (e.g. Outlook/TB) connects to a Perdition imap/pop proxy.
The proxy itself connects in turn to the real imap/pop server using the
credentials provided by client (possible switch of user_name).
Before an email gets delivered to the client, it will be processed by a
filter program which does some gpg processing (sig verification,
decryption), which is fully transparent for the client.
Can such a scenario be implemented with Perdition (ideally I would like
to write the filter program in perl :-) ).
Hi Mike,
in general IMAP and POP connections have two phases. The unauthenticated
phase where the user is verified. And the authenticated phase where
authenticated users access their messages.
Perdition currently only understands the unauthenticated phase. And once
the connection proceeds to the authenticated phase perdition just blindly
copies bytes between the end-user and the real-server.
The logic that you suggest would need to operate in the authenticated
phase. So in order to add the feature that you suggest to perdition it
would first be necessary to teach Perdition how commands and their replies
work in the authenticated phase. I suspect this would be trivial for POP
but more of a challenge for IMAP.
In summary, I think that what you suggest would be a useful addition to
perdition, but some infrastructure work would be need first.
9:28 p.m.
On 12/08/2010 02:50 AM, Simon Horman wrote:
On Wed, Dec 08, 2010 at 12:00:00AM +0100, Mike Korizek
wrote:
Hi Simon
I see I have underestimated how complex this is to achieve.
Do you know the product gpgrelay (http://sites.inka.de/tesla/gpgrelay.html)
It does what I meant but only on the client and on Win :-(
Are there already any plans to take this up in perdition? If so, what is
the timeline?
--
Thanks,
Mike
Hi
I checked the documentation of Perdition and I am not sure if the
following scenario can be implemented.
A Client (e.g. Outlook/TB) connects to a Perdition imap/pop proxy.
The proxy itself connects in turn to the real imap/pop server using the
credentials provided by client (possible switch of user_name).
Before an email gets delivered to the client, it will be processed by a
filter program which does some gpg processing (sig verification,
decryption), which is fully transparent for the client.
Can such a scenario be implemented with Perdition (ideally I would like
to write the filter program in perl :-) ).
Hi Mike,
in general IMAP and POP connections have two phases. The unauthenticated
phase where the user is verified. And the authenticated phase where
authenticated users access their messages.
Perdition currently only understands the unauthenticated phase. And once
the connection proceeds to the authenticated phase perdition just blindly
copies bytes between the end-user and the real-server.
The logic that you suggest would need to operate in the authenticated
phase. So in order to add the feature that you suggest to perdition it
would first be necessary to teach Perdition how commands and their replies
work in the authenticated phase. I suspect this would be trivial for POP
but more of a challenge for IMAP.
In summary, I think that what you suggest would be a useful addition to
perdition, but some infrastructure work would be need first. 
6:41 a.m.
On 8/12/10 10:00 AM, Mike Korizek wrote:
Hi
I checked the documentation of Perdition and I am not sure if the
following scenario can be implemented.
Before an email gets delivered to the client, it will be processed by a
filter program which does some gpg processing (sig verification,
decryption), which is fully transparent for the client.
Is this really the job of a proxy though? Wouldn't it make more sense to
implement this within Courier / Dovecot / Etc?
6:57 a.m.
On 12/08/2010 07:41 AM, Nick Brown wrote:
On 8/12/10 10:00 AM, Mike Korizek wrote:
Dovecot can't do this as the
proxying mechanism does not allow to use
custom filters.
I still need to check Courier in detail but at a first glance it does
not support filtering at all.
--
Thanks,
Mike
Hi
I checked the documentation of Perdition and I am not sure if the
following scenario can be implemented.
Before an email gets delivered to the client, it will be processed by a
filter program which does some gpg processing (sig verification,
decryption), which is fully transparent for the client.
Is this really the job of a proxy though? Wouldn't it make more sense to
implement this within Courier / Dovecot / Etc? 
7:40 a.m.
Mike Korizek wrote:
Before an email gets delivered to the client, it will
be processed by a
filter program which does some gpg processing (sig verification,
decryption), which is fully transparent for the client.
Can such a scenario be implemented with Perdition (ideally I would like
to write the filter program in perl :-) ).
I'd think that would best be done before or during mail delivery to the message
store.
In case you're using sendmail, you might want to look at MIMEdefang - you could add
your PGP processing as part of one of the existing filters.
HTH,
Thomas
3:54 p.m.
On Wed, December 8, 2010 08:40, Thomas Bätzler wrote:
Mike Korizek wrote:
I do not have access to the message store.
I access the message store only via a proxy and the clients retrieves the
messages through the proxy.
Originally I thought it would be easy to process the message on the proxy
but now I see there is nearly no chance to do this...
--
Thanks,
Mike
Before an email gets delivered to the client, it
will be processed by a
filter program which does some gpg processing (sig verification,
decryption), which is fully transparent for the client.
Can such a scenario be implemented with Perdition (ideally I would like
to write the filter program in perl :-) ).
I'd think that would best be done before or during mail delivery to the
message store.
In case you're using sendmail, you might want to look at MIMEdefang - you
could add your PGP processing as part of one of the existing filters.
4897
days inactive
4898
days old
6 comments
5 participants
participants (5)
-
Mike -
Mike Korizek
-
Nick Brown -
Simon Horman -
Thomas Bätzler