2013-11-03 08:45:15 +01:00
1. Ensure that GPG is installed and configured. Also make sure public keys for
all of your potential recipients are available in the GPG home directory
used for `keyhome` in step 2.
2014-02-26 12:18:07 +01:00
2013-11-03 08:45:15 +01:00
2. Configure `/etc/gpg-mailgate.conf` based on the provided
`gpg-mailgate.conf.sample`
2014-02-26 12:18:07 +01:00
2015-02-14 15:16:59 +01:00
3. Install some python dependencies `apt-get install python-m2crypto python-markdown python-requests python-mysqldb` (for linux distributions based on Debian. If you have a non Debian based distribution, the install command might be different)
2014-02-26 12:18:07 +01:00
2014-02-26 12:18:40 +01:00
4. Place `gpg-mailgate.py` and `register-handler.py` in `/usr/local/bin/`
2015-03-08 17:01:25 +01:00
5. Make sure that `gpg-mailgate.py` and `register-handler.py` are executable
chmod u+x /usr/local/bin/gpg-mailgate.py
chmod u+x /usr/local/bin/register-handler.py
chown nobody:nogroup /usr/local/bin/gpg-mailgate.py
chown nobody:nogroup /usr/local/bin/register-handler.py
2014-02-26 12:18:07 +01:00
2015-03-08 17:01:25 +01:00
6. Place the GnuPG directory in `/usr/local/lib/python2.7/dist-packages` (replace 2.7 with your
2013-11-03 08:45:15 +01:00
Python version)
2014-02-26 12:18:07 +01:00
2015-03-08 17:01:25 +01:00
7. Add the following to the end of `/etc/postfix/master.cf`
2013-11-03 08:45:15 +01:00
gpg-mailgate unix - n n - - pipe
flags= user=nobody argv=/usr/local/bin/gpg-mailgate.py ${recipient}
127.0.0.1:10028 inet n - n - 10 smtpd
-o content_filter=
-o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
-o smtpd_helo_restrictions=
-o smtpd_client_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks=127.0.0.0/8
-o smtpd_authorized_xforward_hosts=127.0.0.0/8
2015-03-08 17:01:25 +01:00
8. Add the following to `/etc/postfix/main.cf`
2013-11-03 08:45:15 +01:00
content_filter = gpg-mailgate
2014-02-26 01:56:39 +01:00
2015-03-08 17:01:25 +01:00
9. Add `register: |/usr/local/bin/register-handler.py` to `/etc/aliases`
2015-02-14 15:16:59 +01:00
2015-03-08 17:01:25 +01:00
10. Update postfix's alias database with `postalias /etc/aliases`
2013-11-03 08:45:15 +01:00
2015-03-08 17:01:25 +01:00
11. Restart postfix.
2014-02-26 02:02:45 +01:00
2015-03-08 17:01:25 +01:00
12. Setup a place to store public keys and certificates with these example commands:
2014-02-26 12:14:58 +01:00
2014-02-26 12:16:04 +01:00
usermod -d /var/gpg nobody
2015-03-08 17:01:25 +01:00
2015-03-15 20:09:47 +01:00
If you encounter any errors when using this command you might need to kill active processes from nobody
2015-03-08 17:01:25 +01:00
2015-03-15 20:07:32 +01:00
mkdir -p /var/gpg/.gnupg
2014-02-26 12:16:04 +01:00
mkdir -p /var/smime/certs
chown -R nobody /var/gpg
chown -R nobody /var/smime
chmod 700 /var/gpg/.gnupg
2015-03-15 20:07:32 +01:00
sudo -u nobody /usr/bin/gpg --homedir=/var/gpg/.gnupg --import /some/public.key
2013-11-03 08:45:15 +01:00
2014-02-26 01:48:27 +01:00
- Replace `/some/public.key` with the location of a public key
- `/some/public.key` can be deleted after importation
- Confirm that it's working: `sudo -u nobody /usr/bin/gpg --list-keys --homedir=/var/gpg/.gnupg`
2015-02-14 15:16:59 +01:00
2015-03-08 17:01:25 +01:00
13. Create directories for storing email templates:
2015-02-14 15:16:59 +01:00
mkdir -p /var/gpgmailgate/register_templates
mkdir -p /var/gpgmailgate/cron_templates
chown -R nobody /var/gpgmailgate
- Place the corresponding directories from this project in the created ones
- Edit them if you want to
2015-03-08 17:01:25 +01:00
14. [Install gpg-mailgate-web] (gpg-mailgate-web/README)
2015-02-14 15:16:59 +01:00
