Background: I set up a server with mail/ssmtp and sysutils/logwatch because I wanted to painlessly monitor system security. Logwatch sent me a nice email, pretty much out-of-the-box, but when I read it I realized that the information in the body is sensitive. So I asked myself: why not encrypt the message with my gnupg public key before sending?
I came up with this script. Clearly it is only useful for logwatch because of the hardcoded line numbers:
Then in logwatch.conf I set
But now: How can we automatically encrypt all outgoing mail? Ideally the smtp agent would check if there is a public key for the recipient and automatically encrypt the body. Then all email that leaves the server would get the same treatment (crons, revaliases, etc).
There's a few addons for postfix which claim to address this: https://github.com/infertux/zeyple and https://github.com/fkrone/gpg-mailgate. But one of the reasons I have ssmtp is that I am not an email expert and I need simplicity.
Thoughts? Experiences? Feedback?
I came up with this script. Clearly it is only useful for logwatch because of the hardcoded line numbers:
Code:
#!/bin/sh
INPUT=""
while read line; do
INPUT="${INPUT}\n${line}"
done < /dev/stdin
HEAD="$(echo -e "$INPUT" | head -9 | tail -8)"
TAIL=$(echo -e "$INPUT" | tail -n+13)
ENC=$(echo -e "$TAIL" | gpg -ea -r <my email address> -o -)
FINAL="${HEAD}\n${ENC}"
echo -e "$FINAL"
Then in logwatch.conf I set
mailer = mailer.sh | ssmtp -t
. So this works fine and the email gets sent end-to-end encrypted which is great.But now: How can we automatically encrypt all outgoing mail? Ideally the smtp agent would check if there is a public key for the recipient and automatically encrypt the body. Then all email that leaves the server would get the same treatment (crons, revaliases, etc).
There's a few addons for postfix which claim to address this: https://github.com/infertux/zeyple and https://github.com/fkrone/gpg-mailgate. But one of the reasons I have ssmtp is that I am not an email expert and I need simplicity.
Thoughts? Experiences? Feedback?