Zeyple is a Postfix filter/hook to automatically encrypt outgoing emails with GPG/PGP.
Python Shell
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
fpm
selinux
tests
zeyple
.gitignore
.travis.yml
CHANGELOG.md
CONTRIBUTING.md
INSTALL.md
LICENSE
README.md
UPGRADE.md
requirements.txt
tox.ini
upgrade.sh

README.md

ZEYPLE: Zeyple Encrypts Your Precious Log Emails Build Status

Zeyple automatically encrypts outgoing emails with GPG:

  1. It catches emails from your Postfix queue
  2. Then encrypts them if it's got the recipient's GPG public key
  3. Finally it puts them back into the queue
     unencrypted email   ||   encrypted email
sender --> Postfix --> Zeyple --> Postfix --> recipient(s)

Why should I care? If you are a sysadmin who receives emails from various monitoring tools like Logwatch, Monit, Fail2ban, Smartd, Cron, whatever - it goes without saying that those emails contain lots of information about your servers. Information that may be intercepted by some malicious hacker sniffing SMTP traffic, your email provider, <insert your (paranoid) reason here>... Why would you take that risk - encrypt them all!

Install & upgrade

See INSTALL.md & UPGRADE.md.

Disable/enable Zeyple

Just comment/uncomment the line content_filter = zeyple in your /etc/postfix/main.cf then postfix reload.

Key management

  • List of keys: sudo -u zeyple gpg --homedir /var/lib/zeyple/keys --list-keys
  • Update imported keys: sudo -u zeyple gpg --homedir /var/lib/zeyple/keys --keyserver hkp://keys.gnupg.net --refresh-keys
  • Import a new key: sudo -u zeyple gpg --homedir /var/lib/zeyple/keys --keyserver hkp://keys.gnupg.net --search you@domain.tld

Integration with other MTAs

Although tested only with Postfix, Zeyple should integrate nicely with any MTA which provides a filter/hook mechanism. Please let me know if you experiment with this.

Docker

A Docker image is available for development purposes.

Vagrant

A fully-setup test-environment is available to easily test your modifications. Vagrant and a compatible virtualization environment (VirtualBox for example) are required. Visit zeyple-vagrant for download and more information.

Contributing

See CONTRIBUTING.md.

Kudos

Many thanks to Harry Knitter for his feedback to help make Zeyple more robust.

Blog posts & articles

License

AGPLv3+