Piotr F. Mieszkowski
e6619a660f
- Implement KeyConfirmationQueue.delete_expired_queue_items to delete items older than a given number of hours. - Introduce configuration parameter to specify maximum number of hours. It defaults to 1 hour. - Update documentation to explain that we never assign ST_TO_BE_DELETED. |
||
|---|---|---|
| bin | ||
| cron_templates | ||
| doc | ||
| GnuPG | ||
| lacre | ||
| register_templates | ||
| test | ||
| .gitignore | ||
| INSTALL.md | ||
| lacre-logging.conf.sample | ||
| lacre.conf.sample | ||
| lacre.py | ||
| LICENSE | ||
| Makefile | ||
| README.md | ||
| register-handler.py | ||
| requirements.txt | ||
| webgate-cron.py | ||
Lacre Project
Lacre (wax seal in Portuguese) is an add-on for Postfix that automatically encrypts incoming email before delivering it to recipients' inbox for recipients that have provided their public keys.
Lacre is a fork and continuation of the original work on gpg-mailgate project. It is still actively developed and should be considered as beta -- with all APIs and internals being subject to change. Please only use this software if you know GnuPG well and accept occasional failures.
How it works
Lacre is a content filter. This means, that when Postfix receives a message, it "forwards" that message to Lacre and if Lacre delivers it to a given destination, the message arrives to recipient's inbox.
After receiving the message, Lacre does the following:
- If message already is encrypted, it just delivers the message immediately.
- Checks the list of recipients, finds their public keys if any were provided.
- Encrypts message if possible.
- Delivers the message.
Work on this project in 2021 was funded by NGI Zero PET for which we are very thankful.
Made possible thanks to:
Installation
For installation instructions, please refer to the included INSTALL file.
Planned features
- Correctly displays attachments and general email content; currently will only display first part of multipart messages
- Public keys are stored in a dedicated gpg-home-directory
- Encrypts both matching incoming and outgoing mail (this means gpg-mailgate can be used to encrypt outgoing mail for software that doesn't support PGP or S/MIME)
- Easy installation
- People can submit their public key like to any keyserver to gpg-mailgate with the gpg-mailgate-web extension
- People can send an S/MIME signed email to register@yourdomain.tld to register their public key
- People can send their public OpenPGP key as attachment or inline to register@yourdomain.tld to register it
See also: lacre-webgate -- a web interface allowing any user to upload PGP keys so that emails sent to them from your mail server will be encrypted
This is forked from the original project at http://code.google.com/p/gpg-mailgate/
Authors
This is a combined work of many developers and contributors. We would like to pay honours to original gpg mailbox developers for making this project happen, and providing solid solution for encryption emails at rest:
- mcmaster mcmaster@aphrodite.hurricanelabs.rsoc
- Igor Rzegocki ajgon@irgon.com - GitHub
- Favyen Bastani fbastani@perennate.com - GitHub
- Colin Moller colin@unixarmy.com - GitHub
- Taylor Hornby havoc@defuse.ca - GitHub
- Martin (uragit) uragit@telemage.com - GitHub
- Braden Thomas - BitBucket
- Bruce Markey - GitHub
- Remko Tronçon - GitHub
- Kiritan Flux GitHub
- Fabian Krone GitHub