From 5fdbabc3b3019b80fb9e74e8d14adf00992d6581 Mon Sep 17 00:00:00 2001 From: fkrone Date: Mon, 25 May 2015 22:49:42 +0200 Subject: [PATCH] Disable PGP/INLINE decryption by default. It does work, however, it has some drawbacks (e.g. content type for files getting lost). --- INSTALL.md | 2 +- gpg-mailgate.conf.sample | 6 ++++++ gpg-mailgate.py | 2 +- 3 files changed, 8 insertions(+), 2 deletions(-) diff --git a/INSTALL.md b/INSTALL.md index 39b045f..ba97edf 100644 --- a/INSTALL.md +++ b/INSTALL.md @@ -93,7 +93,7 @@ GPG-Mailgate does not only feature encryption of mails but also decryption of PG With this functionality you could use GPG-Mailgate to decrypt incoming PGP encrypted mails (it is also capable of decrypting outgoing mails if the necessary key is present). To use this, you need to store your private keys on the server. This means that anyone who is able to obtain admin rights on the server is able to get the private keys stored on the server and is able to decrypt any mail encrypted with the corresponding public key. **If the server gets compromised in any kind and the attacker may have gained access to the server's file system, the keys have to be regarded as compromised as well!** If this happens you have to revoke your keys, notify everyone who has your public key (key servers as well) not to use this key any longer. You also need to create a new key pair for encrypted communication. #### Limitations -There are two main types of PGP encryption: PGP/MIME and PGP/INLINE. PGP/MIME is standardized while PGP/INLINE isn't completely (even though some people claim so). Decrypting PGP/MIME encrypted mails works in most cases while decrypting PGP/INLINE encrypted mails may fail more often. The reason is that most clients are implementing PGP/INLINE in their own way. GPG-Mailgate is able to decrypt mails which are encrypted PGP/INLINE by GPG-Mailgate on the sender's side. Furthermore it should be able to decrypt PGP/INLINE encrypted mails encrypted by Enigmail. For PGP/INLINE the mail's structure may not be preserved due to how PGP/INLINE is implemented on most clients. If you receive a PGP/INLINE encrypted mail that could not be decrypted by GPG-Mailgate you may ask the sender to use PGP/MIME instead. Furthermore file types might get lost when using PGP/INLINE. +There are two main types of PGP encryption: PGP/MIME and PGP/INLINE. PGP/MIME is standardized while PGP/INLINE isn't completely (even though some people claim so). Decrypting PGP/MIME encrypted mails works in most cases while decrypting PGP/INLINE encrypted mails may fail more often. The reason is that most clients are implementing PGP/INLINE in their own way. GPG-Mailgate is able to decrypt mails which are encrypted PGP/INLINE by GPG-Mailgate on the sender's side. Furthermore it should be able to decrypt PGP/INLINE encrypted mails encrypted by Enigmail. For PGP/INLINE the mail's structure may not be preserved due to how PGP/INLINE is implemented on most clients. If you receive a PGP/INLINE encrypted mail that could not be decrypted by GPG-Mailgate you may ask the sender to use PGP/MIME instead. Furthermore file types might get lost when using PGP/INLINE. Due to this limitations decrypting PGP/INLINE encrypted mails is disabled by default. If you want to take the risk you can set `no_inline_dec` to `no` in the `[default]` section. You have been warned. #### Setting up decryption You need the recipient's private key for whom you want to decrypt mails. To add the private key, use the following command: diff --git a/gpg-mailgate.conf.sample b/gpg-mailgate.conf.sample index 8a81801..3cfc116 100644 --- a/gpg-mailgate.conf.sample +++ b/gpg-mailgate.conf.sample @@ -29,6 +29,12 @@ mime_conversion = yes # recipients all ignore the RFC you could this to yes. mail_case_insensitive = no +# This setting disables PGP/INLINE decryption completely. However, +# PGP/MIME encrypted mails will still be decrypted if possible. PGP/INLINE +# decryption has to be seen as experimental and could have some negative +# side effects. So if you want to take the risk set this to no. +no_inline_dec = yes + [gpg] # the directory where gpg-mailgate public keys are stored # (see INSTALL for details) diff --git a/gpg-mailgate.py b/gpg-mailgate.py index 5509a05..aa0bdb9 100755 --- a/gpg-mailgate.py +++ b/gpg-mailgate.py @@ -127,7 +127,7 @@ def gpg_decrypt_all_payloads( message ): # At this point the message could only be PGP/INLINE encrypted, unencrypted or # encrypted with a mechanism not covered by GPG-Mailgate - else: + elif get_bool_from_cfg('default', 'no_inline_dec', 'no'): # Check if message is PGP/INLINE encrypted and has attachments (or unencrypted with attachments) if message.is_multipart():