Zeyple automatically encrypts outgoing emails with GPG:
- It catches emails from your Postfix queue
- Then encrypts them if it's got the recipient's GPG public key
- Finally it puts them back into the queue
unencrypted email || encrypted email sender --> Postfix --> Zeyple --> Postfix --> recipient(s)
Why should I care? If you are a sysadmin who receives emails from various monitoring tools like Logwatch, Monit, Fail2ban, Smartd, Cron, whatever - it goes without saying that those emails contain lots of information about your servers. Information that may be intercepted by some malicious hacker sniffing SMTP traffic, your email provider, <insert your (paranoid) reason here>... Why would you take that risk - encrypt them all!
See INSTALL.md & UPGRADE.md.
Just comment/uncomment the line content_filter = zeyple
in your /etc/postfix/main.cf
then postfix reload
.
- List of keys:
sudo -u zeyple gpg --homedir /var/lib/zeyple/keys --list-keys
- Update imported keys:
sudo -u zeyple gpg --homedir /var/lib/zeyple/keys --keyserver hkp://keys.gnupg.net --refresh-keys
- Import a new key:
sudo -u zeyple gpg --homedir /var/lib/zeyple/keys --keyserver hkp://keys.gnupg.net --search you@domain.tld
Although tested only with Postfix, Zeyple should integrate nicely with any MTA which provides a filter/hook mechanism. Please let me know if you experiment with this.
A Docker image is available for development purposes.
A fully-setup test-environment is available to easily test your modifications. Vagrant and a compatible virtualization environment (VirtualBox for example) are required. Visit zeyple-vagrant for download and more information.
See CONTRIBUTING.md.
Many thanks to Harry Knitter for his feedback to help make Zeyple more robust.
- http://www.linux-magazine.com/Issues/2013/153/Email-Encryption-with-Zeyple
- http://blog.infertux.com/2015/10/25/announcing-zeyple/
- http://labs.infertux.com/zeyple/
AGPLv3+