Zeyple automatically encrypts outgoing emails with GPG:
- It catches emails from your Postfix queue
- Then encrypts them if it's got the recipient's GPG public key
- Finally it puts them back into the queue
unencrypted email || encrypted email sender --> Postfix --> Zeyple --> Postfix --> recipient(s)
Why should I care? If you are a sysadmin who receives emails from various monitoring tools like Logwatch, Monit, Fail2ban, Smartd, Cron, whatever - it goes without saying that those emails contain lots of information about your servers. Information that may be intercepted by some malicious hacker sniffing SMTP traffic, your email provider, <insert your (paranoid) reason here>... Why would you take that risk - encrypt them all!
Install & upgrade
Just comment/uncomment the line
content_filter = zeyple in your
- List of keys:
sudo -u zeyple gpg --homedir /var/lib/zeyple/keys --list-keys
- Update imported keys:
sudo -u zeyple gpg --homedir /var/lib/zeyple/keys --keyserver hkp://keys.gnupg.net --refresh-keys
- Import a new key:
sudo -u zeyple gpg --homedir /var/lib/zeyple/keys --keyserver hkp://keys.gnupg.net --search email@example.com
Integration with other MTAs
A Docker image is available for development purposes.
A fully-setup test-environment is available to easily test your modifications. Vagrant and a compatible virtualization environment (VirtualBox for example) are required. Visit zeyple-vagrant for download and more information.
Many thanks to Harry Knitter for his feedback to help make Zeyple more robust.
Blog posts & articles