infertux / zeyple Goto Github PK
View Code? Open in Web Editor NEWPostfix filter/hook to automatically encrypt outgoing emails with PGP/GPG
Home Page: https://infertux.com/labs/zeyple/
License: Other
Postfix filter/hook to automatically encrypt outgoing emails with PGP/GPG
Home Page: https://infertux.com/labs/zeyple/
License: Other
I have a cms installed on on my webserver that (most likley) uses the php-mailer to send emails. However, thunderbird refuses to decrypt them properly and somehow hangs (hard to describe, it won't decrypt any more emails) instead.
I am not sure how or where to get more debug information but this files may help you.
I am using 86a3c27.
echo `date` | mutt -s test8 -b [email protected] -c [email protected] [email protected]
The cc- and bcc-addresses do not receive any mail, however the rewritten address ([email protected] -> [email protected]) gets the mail twice.
This only happens if one or more "cc" addresses are present. If there are multiple addresses in "To" the mails are not duplicated.
Need to reproduce.
It is only used for tests and doesn't add anything useful.
This field is not mandatory, so I think it should be considered a bug.
As some of our messages are HTML mails and users really don't want to see the tags, we should probably implement PGP/MIME which should be able to handle this.
Might have a look here: https://github.com/zenhack/python-gpgmime
My email provider only accepts mail with with a special sender-argument. Therefore I have a /etc/postfix/sender_canonical file which maps the internal senders to the external sender value.
After installing zeyple, this does not seem to work anymore. I get error messages like this:
Feb 12 16:31:16 matrix postfix/smtp[672]: AB822100873: to=<[email protected]>, relay=mail.gmx.net[212.227.17.190]:587, delay=0.43, delays=0/0.01/0.4/0.03, dsn=5.0.0, status=bounced (host mail.gmx.net[212.227.17.190] said: 550-Requested action not taken: mailbox unavailable 550 Sender address is not allowed. (in reply to MAIL FROM command))
Any ideas how to fix this?
Thank you.
Hi!
Thanks for the great tool, really love this one!
In zeyple.py config path /etc/ is set. In the setup_zeyple.sh /etc/zeyple/ is used for the sample conf. To keep all in place I suggest changing /etc/ in zeyple.py to /etc/zeyple/ . Else it won´t find its config file.
Bash script: keys saved to /etc/zeyple/keys
In example zeyple.conf path is wrong /var/lib/...
Suggestions:
Touch /etc/postfix/recipient_canonical since it´s not available per default (at least in arch repo).
Next you could change "adduser ...." to "useradd -r zeyple". Same result and adduser doesn´t always work while useradd does.
Last thing is /var/log/zeyple.log. Touching this too would be great since else error occures and mail won´t be send.
Hint for Debian: if it doesn´t fetch your gpg key (protocoll not supported error) mod probing ipv6 once does it: sudo modprobe ipv6
Hint for Arch: For errors like gpgme not found install python-pygpgme package.
Guess that´s all for now :-)
Sorry if this is already covered, but I didn't see any documentation on how to manually import a key for a recipient (without using a key server). Maybe this will be covered in #30?
Anyway, thanks for sharing this great software. :)
Hi, could you please create a new release? There have been quite a few useful commits since the last one.
Following up from #46.
It is beneficial to protect header information (subject, message id, etc) which are not normally encrypted by PGP. The memoryhole project part of autocrypt tries to provide a standardized way to do that, see https://github.com/autocrypt/memoryhole.
There is also a WIP Python library for the project which could be of use here: https://0xacab.org/leap/pymemoryhole
Using DKIM via opendkim on Debian server
DKIM is now failing for messages which are not encrypted by zeyple
If I remove content_filter = zeyple from main.cf DKIM works fine
If I use zeyple even on mail that isn't encrypted DKIM signature fails:
2020-05-10 16:10:47,164 14072 INFO Zeyple ready to encrypt outgoing emails
2020-05-10 16:10:47,165 14072 INFO Processing outgoing message <[email protected]>
2020-05-10 16:10:47,165 14072 INFO Recipient:xxx@xxxx
2020-05-10 16:10:47,165 14072 INFO Trying to encrypt for xxx@xxxx
2020-05-10 16:10:47,189 14072 INFO Key ID: None
2020-05-10 16:10:47,189 14072 WARNING No keys found, message will be sent unencrypted
2020-05-10 16:10:47,189 14072 INFO Sending message <20200xxxx7.0FF85FF36D@xxx>
2020-05-10 16:10:47,229 14072 INFO Message <20200xxxx7.0FF85FF36D@xxxx> sent
See also #1
python-gpgme has been abandoned in Ubuntu 18.04 (and Debian I guess). It should be replaced with python-gpg
The interface is broadly similar but has some differences. https://github.com/pazz/alot/pull/906/files is an example of a project being ported from python-gpgme to python-gpg.
See also: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=846314
Hi,
python-gpgme is no longer supported by upstream for about four years and has a successor (python-pgp and python3-gpg).
pygpgme (PyGPGME on PyPi) was started by James Henstridge. Beside Python2 it supports Python 3 since v0.3 (March 2012). The wrapping is done using python's C interface directly without using a generator tool like SWIG. This project has not been updated since 2013 and should probably be considered obsolete.
Source : https://wiki.python.org/moin/GnuPrivacyGuard
I'm going to upgrade https://github.com/hardware/mailserver to Debian 10 "Buster", but python-gpgme does not exist anymore in Debian official repos.
I can look to upgrade Zeyple but I'm not familiar with Zeyple codebase.
Best Regards.
Today I waited eagerly for a mail but I had to discover that it was zeyple that had trouble dealing with it:
Dec 4 19:56:49 vps108 postfix/qmgr[3471]: CB2D344125: from=<pm_bounces@###########>, size=17285, nrcpt=1 (queue active)
Dec 4 19:56:50 vps108 postfix/pipe[19895]: CB2D344125: to=<############@#####.##>, orig_to=<#############@nithanim.me>, relay=zeyple, delay=2.3, delays=0.79/0.01/0/1.5, dsn=5.3.0, status=bounced (Command died with status 1: "/usr/local/b
in/zeyple.py". Command output: Traceback (most recent call last): File "/usr/local/bin/zeyple.py", line 264, in <module> zeyple.process_message(message, recipients) File "/usr/local/bin/zeyple.py", line 105, in process_message
out_message = self._encrypt_message(in_message, key_id) File "/usr/local/bin/zeyple.py", line 156, in _encrypt_message payload = payload.encode('ascii') UnicodeDecodeError: 'ascii' codec can't decode byte 0xc2 in position 14112:
ordinal not in range(128) )
Since I don't have the original mail I cannot provide you with any more details (at least as far as I know). It would be really helpful if the mail would not have bounced and would have sent it unencrypted to me instead. ref /issues/20
I have a HTML mail that causes is_multipart() to return False. Looking at the zeyple code it is then converted to a text/plain multipart and encrypted afterwards. After decrypting the mail my client happily shows me the HTML as text.
<...snip...headers>
MIME-Version: 1.0
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
<!doctype html>
<...snip...more HTML>
This is good advice for system administrators
The advice rightfully say that you shouldn't download random things from the internet.
I think tags should be signed. This will improve security for system administrators directly using your code, and future debian packagers.
Hi,
first of all, thanks for the script, it's working great :)
Would it be possible to not only crypt outgoing mails but also sign them? I tried by myself to implement that feature, but unfortunately I've no clue about python.
I'm not sure if this is a zeyple issue or postfix configuration problem but
without "content_filter = zeyple" sending unencrypted mails works fine.
I followed install instructions from https://github.com/infertux/zeyple/blob/master/INSTALL.md
As soon in set
content_filter = zeyple
in /etc/postfix/main.cf i get a "Relay access denied".
$ date | mail -s testmail [email protected]
<[email protected]>: Command died with status 1: "/usr/local/bin/zeyple.py".
Command output: Traceback (most recent call last): File
"/usr/local/bin/zeyple.py", line 274, in <module>
zeyple.process_message(message, recipients) File
"/usr/local/bin/zeyple.py", line 126, in process_message
self._send_message(out_message, recipient) File
"/usr/local/bin/zeyple.py", line 260, in _send_message
smtp.sendmail(message['From'], recipient, message.as_string()) File
"/usr/lib/python2.7/smtplib.py", line 747, in sendmail raise
SMTPRecipientsRefused(senderrs) smtplib.SMTPRecipientsRefused:
{'[email protected]': (454, '4.7.1 <[email protected]>: Relay access
denied')}
$ cat /var/log/zeyple.log
2017-07-01 11:43:17,019 29616 INFO Zeyple ready to encrypt outgoing emails
2017-07-01 11:43:17,020 29616 INFO Processing outgoing message <20170701094316.EED64817E4@<hostname>.dedicated.hosteurope.de>
2017-07-01 11:43:17,020 29616 INFO Recipient: [email protected]
2017-07-01 11:43:17,020 29616 INFO Trying to encrypt for [email protected]
2017-07-01 11:43:17,034 29616 INFO Key ID: <some-key>
2017-07-01 11:43:17,054 29616 INFO Sending message <20170701094316.EED64817E4@<hostname>.dedicated.hosteurope.de>
$ postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
config_directory = /etc/postfix
content_filter = zeyple
inet_interfaces = loopback-only
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
mydestination = <hostname>.dedicated.hosteurope.de, localhost.dedicated.hosteurope.de, , localhost
myhostname = <hostname>.dedicated.hosteurope.de
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
myorigin = /etc/mailname
readme_directory = no
recipient_delimiter = +
relayhost =
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
I have zyple installed and it's working perfectly except I have hit a bit of a snag. All of my scripts are setup to send email to the root user. I then control the final destination for the email by using /etc/aliases. So, I have a line in /etc/aliases that looks like this:
# Person who should get root's mail
root: [email protected]
Then, when I send email there is a line in my /var/log/mail.log like this:
Oct 2 10:28:00 host1 postfix/smtp[11878]: 7221DK241B: to=<[email protected]>, orig_to=<root@host1>, status=sent (250 Great success)
When I setup zeyple I imported the public key for [email protected]. But, in /var/log/zeyple.log I see the following when I send an email to root:
2018-10-02 10:27:59,430 11859 INFO Processing outgoing message <20181002172759.7221DK241B@host1>
2018-10-02 10:27:59,430 11859 INFO Recipient: root@host1
2018-10-02 10:27:59,431 11859 INFO Trying to encrypt for root@host1
2018-10-02 10:27:59,463 11859 INFO Key ID: None
2018-10-02 10:27:59,463 11859 WARNING No keys found, message will be sent unencrypted
Sorry if this is a basic question, my postfix skills are pretty basic. Is there some setting I need to tweak so zeyple sees the final recipient and not the orig_to
, or would this be a feature request for zeyple to use /etc/aliases to determine which key to lookup?
Today one send forwarded me a bounce message from generated from zeple.
For the moment I don't have the original message send to zeyple to track the issue down.
The error reported is:
Command died with status 1: "/usr/local/bin/zeyple.py".
Command output: Traceback (most recent call last):
File "/usr/local/bin/zeyple.py", line 386, in zeyple.process_message(message, recipients) File "/usr/local/bin/zeyple.py", line 198, in process_message out_message = self._encrypt_message(in_message, key_id)
File "/usr/local/bin/zeyple.py", line 255, in _encrypt_message payload = payload.encode('ascii') UnicodeDecodeError: 'ascii' codec can't decode byte 0xc3 in position 621: ordinal not in range(128)
Some mail clients encodes the content as "quoted-printable". This makes sure umlauts like ä, ö, é, ... (8-bit data) will be transmitted over a 7-bit data path [1].
The sending client therefore will change an "ä" for example, into an "=E4". The receiving client should read the following header and if set to quoted-printable, it should decode such chars back into 8-bit data.
Content-Transfer-Encoding: quoted-printable
Zeyple encrypts the encoded data "=E4", and removes the important header:
Line 120 in 79e21e8
If you receive such an email, you only see encoded data (like "=E4" instead of "ä").
You can reproduce this behaviour with the "mail" tool (installed by running yum install -y mailx
on CentOS 7).
Make sure you have removed the receiver's PGP public key and run:
echo "ä" | mail -S encoding=quoted-printable -s test -r [email protected] [email protected]
Mail client show the char "ä" correctly. The raw mail looks like:
[... omitted ...]
Content-Transfer-Encoding: quoted-printable
[... omitted ...]
=E4
This is the expected result.
Make sure you have installed the receiver's PGP public key and run:
echo "ä" | mail -S encoding=quoted-printable -s test -r [email protected] [email protected]
Mail client shows the char "ä" incorrectly as "=E4".
Content-Transfer-Encoding
in the mail header isn't set. But it actually doesn't have to be set, because the payload is encrypted anyways and I think, setting this header is useless for encrypted data.
Expected is, that the mail client shows "ä" instead of the encoded "=E4".
Zeyple actually should act like a mail client. It should interpret its receiving mail like a mail client. Therefore, zeyple should honour the Content-Transfer-Encoding
header. If it is set to quoted-printable
, zeyple should decode the payload before it encrypts the payload. This could be done using the quopri module [2]. Afterwards, the header can be removed.
Maybe I'll file a pull request with a code suggestion later.
[1] https://en.wikipedia.org/wiki/Quoted-printable
[2] https://docs.python.org/2/library/quopri.html
Hi,
first of all thanks for the useful plugin! Unfortunately I get the following error in the logs while trying to send an encrypted mail (using the sendmail
command):
Command died with status 1: "/usr/local/bin/zeyple.py". Command output: Traceback (most recent call last): File "/usr/local/bin/zeyple.py", line 285, in <module> zeyple.process_message(message, recipients) File "/usr/local/bin/zeyple.py", line 123, in process_message self._send_message(out_message, recipient) File "/usr/local/bin/zeyple.py", line 269, in _send_message self.config.get('relay', 'port')) File "/usr/lib/python2.7/smtplib.py", line 256, in __init__ (code, msg) = self.connect(host, port) File "/usr/lib/python2.7/smtplib.py", line 316, in connect self.sock = self._get_socket(host, port, self.timeout) File "/usr/lib/python2.7/smtplib.py", line 291, in _get_socket return socket.create_connection((host, port), timeout) File "/usr/lib/python2.7/socket.py", line 557, in create_connection for res in getaddrinfo(host, port, 0, SOCK_STREAM): socket.error: getaddrinfo() argument 2 must be integer or string
Can somebody help me?
OS: Ubuntu 16.04
Python 2.7.12
Thanks and regards!
After deploying zeyple, it seems mails encoded in UTF-8 sent with at least PHP mailer are not properly encoded.
For example, in plain I get this:
Return-Path: <[email protected]>
Delivered-To: <[email protected]>
Received: from mail.mirtouf.fr
by mail.mirtouf.fr (Dovecot) with LMTP id v705CcMfwlm/TAAAh7BUjQ
for <[email protected]>; Wed, 20 Sep 2017 09:58:59 +0200
Received: from mail.mirtouf.fr (localhost [127.0.0.1])
by mail.mirtouf.fr (Postfix) with ESMTP id EFD1841877;
Wed, 20 Sep 2017 09:58:58 +0200 (CEST)
DKIM-Filter: OpenDKIM Filter v2.9.1 mail.mirtouf.fr EFD1841877
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mirtouf.fr; s=mail;
t=1505894339; bh=thKiSLWg84LozQghGCrVVdYLyDZahDb/qvbe0IRDCTM=;
h=To:Subject:Date:From:From;
z=To:[email protected]|Subject:=20=3D?UTF-8?Q?[mirtouf,_le_web_
0.1]_Votre_site_a_=3DC3=3DA9t=3DC3=3DA9_mis_=3DC3=3DA0_jou?=3D=20=
20=3D?UTF-8?Q?r_vers_WordPress_4.8.2?=3D|Date:=20Wed,=2020=20Sep=2
02017=2007:58:56=20+0000|From:=20WordPress=20<[email protected]
>;
b=U3QupqxEyXbn3ASYmOLJvqh23KQZ5/CdSkKTfxietV9BANAO1fkPCrdw5zSFu/U3f
5WfdQ9/UzlmJXwpzsxR2HC8w0npaIjTfUUN2lOTv+rfFCNisqrSFuSHGm6qvCIgigk
D/iV2LUry6IPtVm8Ihc4po4af6srWroYg4zsaMVg=
Received-SPF: Pass (mail.mirtouf.fr: domain of jupiter.mirtouf.fr designates 62.210.7.183 as permitted sender) client-ip=62.210.7.183; envelope-from="[email protected]"; helo=jupiter.mirtouf.fr; receiver=mail.mirtouf.fr; mechanism=a; identity=mailfrom
Authentication-Results: mail; dmarc=fail header.from=mirtouf.fr
Received: from jupiter.mirtouf.fr (mirtouf.fr [62.210.7.183])
by mail.mirtouf.fr (Postfix) with ESMTP id 8BA1740B1F
for <[email protected]>; Wed, 20 Sep 2017 09:58:53 +0200 (CEST)
DKIM-Filter: OpenDKIM Filter v2.9.1 mail.mirtouf.fr 8BA1740B1F
Authentication-Results: mail.mirtouf.fr; dkim=none reason="no signature";
dkim-atps=neutral
Received: by jupiter.mirtouf.fr (Postfix, from userid 33)
id 8D976F20123; Wed, 20 Sep 2017 09:58:56 +0200 (CEST)
To: [email protected]
Subject: =?UTF-8?Q?[mirtouf,_le_web_0.1]_Votre_site_a_=C3=A9t=C3=A9_mis_=C3=A0_jou?= =?UTF-8?Q?r_vers_WordPress_4.8.2?=
X-PHP-Originating-Script: 33:class-phpmailer.php
Date: Wed, 20 Sep 2017 07:58:56 +0000
From: WordPress <[email protected]>
Message-ID: <[email protected]>
X-Mailer: PHPMailer 5.2.22 (https://github.com/PHPMailer/PHPMailer)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-AV-Checked: ClamAV using ClamSMTP
displaying:
Salutations ! Votre site à l’adresse https://www.mirtouf.fr a été automatiquement mis à jour vers WordPress 4.8.2.
Vous n’avez rien de plus à faire. Pour en savoir plus sur la version 4.8.2, lisez l’écran À Propos de WordPress :
https://www.mirtouf.fr/wordpress/wp-admin/about.php
Si vous rencontrez des problèmes ou avez besoin d’assistance, les volontaires du forum d’entraide de wpfr.net devraient pouvoir vous aider.
https://wpfr.net/support/
Certains de vos thèmes et extensions ont également des mises à jour disponibles. Veuillez les mettre à jour dès maintenant :
https://www.mirtouf.fr/wordpress/wp-admin/
L’équipe WordPress
and with zeyple deployed:
Return-Path: <[email protected]>
Delivered-To: [email protected]
Received: from mail.mirtouf.fr
by localhost (Dovecot) with LMTP id rZlSLUiP+FnNWQAA0J78UA
for <[email protected]>; Tue, 31 Oct 2017 15:57:12 +0100
Received: from mail.mirtouf.fr (localhost [127.0.0.1])
by mail.mirtouf.fr (Postfix) with ESMTP id A8069281576
for <[email protected]>; Tue, 31 Oct 2017 15:57:12 +0100 (CET)
Received: from scw-6eda6c.cloud.online.net (mirtouf.fr [51.15.219.206])
by mail.mirtouf.fr (Postfix) with ESMTP id DC4C4280781
for <[email protected]>; Tue, 31 Oct 2017 15:57:10 +0100 (CET)
Received: by scw-6eda6c.cloud.online.net (Postfix, from userid 33)
id F152762870; Tue, 31 Oct 2017 15:57:09 +0100 (CET)
To: [email protected]
Subject: =?UTF-8?Q?[mirtouf,
_le_web_0.1]_Votre_site_a_=C3=A9t=C3=A9_mis_=C3=A0_jou?=
=?UTF-8?Q?r_vers_WordPress_4.8.3?=
X-PHP-Originating-Script: 33:class-phpmailer.php
Date: Tue, 31 Oct 2017 14:57:09 +0000
From: WordPress <[email protected]>
Message-ID: <[email protected]>
X-Mailer: PHPMailer 5.2.22 (https://github.com/PHPMailer/PHPMailer)
MIME-Version: 1.0
X-Spam-Status: No, score=-10.91
X-Rspamd-Server: mail
Authentication-Results: mail.mirtouf.fr;
dmarc=fail reason="SPF not aligned (strict), No valid
DKIM" header.from=mirtouf.fr policy=quarantine;
spf=pass [email protected]
X-Rspamd-Queue-Id: DC4C4280781
X-Spamd-Result: default: False [-10.91 / 8.00] HAS_WP_URI(0.00)[]
R_DKIM_NA(0.00)[]
HFILTER_HELO_NORES_A_OR_MX(0.30)[scw-6eda6c.cloud.online.net]
TO_DN_NONE(0.00)[] TO_DOM_EQ_FROM_DOM(0.00)[]
LOCAL_WL_IP(-10.00)[51.15.219.206] MIME_GOOD(-0.10)[text/plain]
HFILTER_HELO_IP_A(1.00)[scw-6eda6c.cloud.online.net]
R_SPF_ALLOW(-0.20)[+a] RCVD_NO_TLS_LAST(0.00)[]
FROM_NEQ_ENVFROM(0.00)[[email protected],[email protected]]
RCPT_COUNT_ONE(0.00)[1] MID_RHS_WWW(0.50)[]
ENVFROM_SERVICE_ACCT(1.00)[] RCVD_COUNT_TWO(0.00)[2]
MX_GOOD(-0.50)[mail.mirtouf.fr] FORGED_SENDER(0.30)[]
ARC_NA(0.00)[] HAS_PHPMAILER_SIG(0.00)[] HAS_X_POS(0.00)[]
ASN(0.00)[asn:12876, ipnet:51.15.0.0/16, country:FR]
DMARC_POLICY_QUARANTINE(1.50)[mirtouf.fr : SPF not aligned (strict),
No valid DKIM, quarantine]
IP_SCORE(-4.71)[ip: (-9.89), ipnet: 51.15.0.0/16(-7.76), asn: 12876(-4.91),
country: FR(-0.98)] FROM_HAS_DN(0.00)[]
TO_MATCH_ENVRCPT_ALL(0.00)[]
Content-Type: multipart/encrypted; protocol="application/pgp-encrypted";
boundary="===============1367605545734072094=="
This is an OpenPGP/MIME encrypted message (RFC 4880 and 3156)
--===============1367605545734072094==
Content-Type: application/pgp-encrypted
MIME-Version: 1.0
Content-Description: PGP/MIME version identification
Version: 1
--===============1367605545734072094==
Content-Type: application/octet-stream; name="encrypted.asc"
MIME-Version: 1.0
Content-Description: OpenPGP encrypted message
Content-Disposition: inline; filename="encrypted.asc"
-----BEGIN PGP MESSAGE-----
hQIMA3tGWStApHijAQ//YMsVRR4cD5+CKELMl3Q+HcSfImww6Jcs526Zil5Z7Ecy
VsigWxwb9iXgVjzoo6LdJ2+uLc7QlIBCIyi8RUQ35yzTlbx6Oqpx0EGWyHIfkc+B
kgIj0Q6/E+BfZt59wo2RVbsTYFmZ9LWqkUoNowDXUgdyNqfKyIlu85O7p+FWoPr/
tATNgFKa0/gnysOoezOmkp96AlLznBAcxiHT2bfWK8cLmHdqhaODYjVvikJYDOPQ
ueRYLWdEzF1z1nDsDCY1krw5UrO8YM0xdjycJjevypmTqrkoELmb/5/b5NE69eOH
7ZEN1EIQ+npBYRiwZqzarQTONe/613YNu2ElHZ4x4ASkH9Ru4trK9OCSZgwX0AYZ
S7SfTCgpDHML0/lePjODa/HwlZZAP+Bo5Bkk0Dn9AP8jtZ+TddRNZ7gl1Zjg5Bun
m7uVLYK7tIw25EhfQK95MAYIG11KpUiB8+cwPTsB4aPtceA24b5cBKC/kvIeFepF
3lL47CfQbfnG3Bj6pAcFFNqqrYLoHyg6L6L3ss+qkBULCzFLlyt5CaQDRPT0y5Wd
QcsngIT10jnRTQ9wM8ZLbdv8f0TG9peFbJYbs7/3wIihWhU7/vROcRpLjM8B0FVM
uGLlzZBS95KVZ0EarxLVAVqT6FdMAWh3HfU3MhuTdYbeHH1YoHchR5kbpaF3hMXS
6QF92iB+EdA2MtNXth7cLcVGDCu8KRIRqNJEbq/KaC9gwnaaQZhGdFEIIXDNvbUb
9VeWcq5VmBHbTzBa+vmWxtj49Q/tDoN7Yc8FBYBMJqrcBcBwiwEB9UuSuN+ePa90
HuJeCf2e7yIhrjefPPjg8rmjj68jkoDykOajQRqKMwJhaJlDXK3XQJAFDm7FoxQq
LvhJ5J6BgBad69jSYP08gFDKWt2SBN6UszYsu7Jg0BQg3xd/+vStd0NQetWrcPco
57x3pQW34hK6wRIuQS751zIlvz8L5vWbYNcFbIrE/x7xRKFuKbAXlXbPhZakWjb2
QbaVUN3ZOVMhwE3HE3Yn/kX5aNiEcTr1kR52TPnrfaXgX1oR/Oa6Q1G2LBXp/jin
d7Vcj7U6pxepQgT77p2ogYaniMTh4iwvAuebe7L8ck0lbJsbmTH+6LI2eyzR60f+
qzWsc94RQQce4RkzDui0pGcyaIBQ15EeRJJ2ZyKgMu2s3wPqdaq1mh/Pdbu9QBi0
MXxZJi1NpHeZgcbqv3OgpiEzUBrtawzWgNuGjol/+pIjbi08r+c0T3PLkHGRVfBz
Ingkvq8/55yIcjZl8LH2YAZ/YP999j/xcYpYKLX8iTiKjnMEbPIj9Pu1yJj0eLjT
0w8RbkS4Km75WvAVUO/QXbS6BUS+tCgdHUpeuXs7maqDZMQ2L5heoDXu9Hl8vBHi
35SnL+GrWoGQMTw0gd+hrIUZbvlRNAUV/5vhxetOjiaMw8/2YHGbDpkIUNaXi+Bn
DBBooyHV7xztHmB87X5mIguzSK/Q4Ep39V03kgQRFj5DiMTEZvg=
=BzU2
-----END PGP MESSAGE-----
--===============1367605545734072094==--
which results in:
Salutations ! Votre site à l’adresse https://www.mirtouf.fr a été automatiquement mis à jour vers WordPress 4.8.3.
Vous n’avez rien de plus à faire. Pour en savoir plus sur la version 4.8.3, lisez l’écran À Propos de WordPress :
https://www.mirtouf.fr/wordpress/wp-admin/about.php
Si vous rencontrez des problèmes ou avez besoin d’assistance, les volontaires du forum d’entraide de wpfr.net devraient pouvoir vous aider.
https://wpfr.net/support/
Certains de vos thèmes et extensions ont également des mises à jour disponibles. Veuillez les mettre à jour dès maintenant :
https://www.mirtouf.fr/wordpress/wp-admin/
L’équipe WordPress
Of course using GPG alongside Thunderbird and Enigmail does not give me this issue.
Do you have any hints to debug this ? I found no errors in zeyple.log
If a Debian package is created including fpm/after-install.sh the configuration of the package
fails with this error message if pip is not insatlled:
/var/lib/dpkg/info/tng-zeyple.postinst: 46: /var/lib/dpkg/info/tng-zeyple.postinst: pip: not found
/var/lib/dpkg/info/tng-zeyple.postinst: 46: /var/lib/dpkg/info/tng-zeyple.postinst: pip: not found
IMHO the change to this file introduced in commit 52ff087
is strange: Dependencies should be handled in fpm/create and not in a post install script.
The zyple.py script has support for smtp.sendmail.
How to configure relay via standard unix sendmail command in config file /etc/zeyple.conf
instead of host and port?
Thanks
Something similar to http://man.he.net/man8/apt-key instead of https://github.com/infertux/zeyple#key-management.
The script/binary could be named zeyple-key
or simply zeyple
.
When Zeyple crashes for whatever reason, the email bounces back to the recipient as an unencrypted attachment. We might need to add some config option to avoid that?
See #35
Right now when a local key expires, Zeyple fails with the following message which isn't super explicit.
Command died with status 1:
"/usr/sbin/zeyple". Command output: Traceback (most recent call last):
File "/usr/sbin/zeyple", line 264, in <module>
zeyple.process_message(message, recipients) File "/usr/sbin/zeyple", line
105, in process_message out_message = self._encrypt_message(in_message,
key_id) File "/usr/sbin/zeyple", line 185, in _encrypt_message
encrypted_payload = self._encrypt_payload(payload, [key_id]) File
"/usr/sbin/zeyple", line 219, in _encrypt_payload plaintext,
ciphertext) gpgme.GpgmeError: (0, 1, u'General error')
It'd be nice to override it with something more helpful than General error
.
I have set up a docker image for zeyple devs, maybe it's helpful: https://gitlab.com/nebulon42/zeyple-docker
The current installation process is really tedious.
I made a simple bodged example of how I made a "encrypt, sign and forward everything to 1 email" setup for reading on K-9 Mail/Open Keychain which didn't like zeyple's attachment style of encryption. I used "os.popen" instead of the gpg module (which seems lacking). (Using curl with Gmail also requires allowing less secure transfers for the account which isn't ideal).
Perhaps this will be helpful in making a more robust solution as I'm not really familiar with python.
/usr/local/bin/zeyple.py
#!/usr/bin/env python
# -*- coding: utf-8 -*-
import sys
import os
try:
from configparser import SafeConfigParser # Python 3
except ImportError:
from ConfigParser import SafeConfigParser # Python 2
# Boiler plate to avoid dependency on six
# BBB: Python 2.7 support
PY3K = sys.version_info > (3, 0)
#if __name__ == '__main__':
if True:
recipients = sys.argv[1:]
# BBB: Python 2.7 support
binary_stdin = sys.stdin.buffer if PY3K else sys.stdin
message = binary_stdin.read()
f = open("/home/zeyple/.gnupg/message.enc", "w")
text = message
posa = text.find("Subject: ")
subject = text[posa:].split("\n",1)
subject = subject[0]
text = text.partition("\n\n")
f.write( text[2] )
f.close()
os.popen("gpg --homedir /home/zeyple/.gnupg --batch --yes --passphrase=CERTPASSGOESHERE --pinentry-mode loopback --always-trust -ea --sign -u \"John Smith <[email protected]>\" -r \"John Smith <[email protected]>\" -o - /home/zeyple/.gnupg/message.enc > /home/zeyple/.gnupg/message2.enc")
#Needed for curl
os.popen('sed -i -E \":a;N;$!ba;s/\r{0,1}\n/\\n/g\" /home/zeyple/.gnupg/message2.enc')
f = open("/home/zeyple/.gnupg/message2.enc", "r")
text = f.read()
text = text.partition("-----")
body = text[2]
f.close()
os.popen("echo \"" + subject + " \n\n-----" + body + "\" | /usr/bin/cur l--retry 5 --url smtps://smtp.gmail.com:465 --mail-from [email protected] --mail-rcpt [email protected] --user [email protected]:fakeemailpassword --ssl-reqd --insecure --silent --ciphers ECDHE-RSA-AES128-GCM-SHA256 -T -")
os.remove('/home/zeyple/.gnupg/message.enc')
os.remove('/home/zeyple/.gnupg/message2.enc')
Umlauts in the subject and body seem to crash:
"/usr/lib/python2.7/encodings/utf_8.py", line 16, in decode return
codecs.utf_8_decode(input, errors, True) TypeError: don't know how to
handle UnicodeDecodeError in error callback```
Add force_encrypt
boolean flag - inspired by Rafiot@e685b5c
I made a build-script for vagrant to be able to setup a test environment with only one command.
You can find it on this branch: https://github.com/Nithanim/zeyple/tree/vagrant I am still getting the hang of cross-repository-interaction and I don't want to merge my branch directly into master. How would I issue a pull request in the best way?
In the German language we've the special characters ü,ö,ß which were not readable after an encrpytion with zeplye in version 1.1.0.
I've seen that this version contains already a fix for Thunderbird (del out_message["Content-Transfer-Encoding"]).
Nevertheless I had charachter issues with Outlook 2013, roundcube as webmail and Thunderbird for testing.
Below I've attached a proposal (patch related to v.1.1.0) which fixed the issue in my environment.
BR Christian
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.