|Main Archive Page > Month Archives > postfix-users archives|
On 27 Oct 2010, at 13:11, firstname.lastname@example.org wrote:
> Zitat von Mark Blackman <email@example.com>:
>> On 27 Oct 2010, at 13:02, Tomasz Chmielewski wrote:
>>> Is it somehow possible to make Postfix add a digital signature to outgoing emails?
>>> Most likely Postfix itself can't do it, but maybe there is some filter (similar to amavis, or dkimproxy) which can be used with Postfix, which lets digitally sign email (i.e. if From: is X1, sign with key K1)?
>> That's a job for the MUA, not the MTA. There's no fraud-proof way for postfix to know who is sending the email.
> If username/password with TLS is enough there are fraud-proof ways do it Postfix content-filter, if not be sure to use at least ID-cards class3 with your MUA.
You're right, of course. I was overlooking that case and thinking of the more general internal unauthenticated relay case.
I still suspect that's better done at the MUA level though, as the digital signature requires the use of a private key
which should have a passphrase that only an interactive session can ask for.
OTOH, you can imagine uses of digital signatures that are slightly less demanding than the case of an individual making