postfix-users October 2010 archive
Main Archive Page > Month Archives  > postfix-users archives
postfix-users: Re: adding digital signature to email?

Re: adding digital signature to email?

From: <lst_hoe02_at_nospam>
Date: Wed Oct 27 2010 - 12:30:47 GMT
To: postfix-users@postfix.org

Zitat von Mark Blackman <mark@exonetric.com>:

>
> On 27 Oct 2010, at 13:11, lst_hoe02@kwsoft.de wrote:
>
>> Zitat von Mark Blackman <mark@exonetric.com>:
>>
>>> On 27 Oct 2010, at 13:02, Tomasz Chmielewski wrote:
>>>
>>>> Is it somehow possible to make Postfix add a digital signature to
>>>> outgoing emails?
>>>>
>>>> Most likely Postfix itself can't do it, but maybe there is some
>>>> filter (similar to amavis, or dkimproxy) which can be used with
>>>> Postfix, which lets digitally sign email (i.e. if From: is X1,
>>>> sign with key K1)?
>>>
>>> That's a job for the MUA, not the MTA. There's no fraud-proof way
>>> for postfix to know who is sending the email.
>>
>> If username/password with TLS is enough there are fraud-proof ways
>> do it Postfix content-filter, if not be sure to use at least
>> ID-cards class3 with your MUA.
>
> You're right, of course. I was overlooking that case and thinking of
> the more general internal unauthenticated relay case.
>
> I still suspect that's better done at the MUA level though, as the
> digital signature requires the use of a private key
> which should have a passphrase that only an interactive session can ask for.
>
> OTOH, you can imagine uses of digital signatures that are slightly
> less demanding than the case of an individual making
> legally-binding statements.

In case of e-mail it is most of the time more of validating the sender
in common-sense (Anscheinsbeweis) and not legally-binding. At least
here in germany there is no valid *automatic* signing anyway which
could be legally-binding.

Regards

Andreas