|Main Archive Page > Month Archives > postfix-users archives|
Zitat von Mark Blackman <firstname.lastname@example.org>:
> On 27 Oct 2010, at 13:11, email@example.com wrote:
>> Zitat von Mark Blackman <firstname.lastname@example.org>:
>>> On 27 Oct 2010, at 13:02, Tomasz Chmielewski wrote:
>>>> Is it somehow possible to make Postfix add a digital signature to
>>>> outgoing emails?
>>>> Most likely Postfix itself can't do it, but maybe there is some
>>>> filter (similar to amavis, or dkimproxy) which can be used with
>>>> Postfix, which lets digitally sign email (i.e. if From: is X1,
>>>> sign with key K1)?
>>> That's a job for the MUA, not the MTA. There's no fraud-proof way
>>> for postfix to know who is sending the email.
>> If username/password with TLS is enough there are fraud-proof ways
>> do it Postfix content-filter, if not be sure to use at least
>> ID-cards class3 with your MUA.
> You're right, of course. I was overlooking that case and thinking of
> the more general internal unauthenticated relay case.
> I still suspect that's better done at the MUA level though, as the
> digital signature requires the use of a private key
> which should have a passphrase that only an interactive session can ask for.
> OTOH, you can imagine uses of digital signatures that are slightly
> less demanding than the case of an individual making
> legally-binding statements.
In case of e-mail it is most of the time more of validating the sender
in common-sense (Anscheinsbeweis) and not legally-binding. At least
here in germany there is no valid *automatic* signing anyway which
could be legally-binding.