[Mailman-Developers] Secure Mailing Lists

Barry Warsaw barry at python.org
Thu Nov 27 13:12:30 EST 2003


On Thu, 2003-11-27 at 10:49, Dietmar Maurer wrote:
> Hi all,
> 
> we are looking for a solution to implement secure mailing lists. We need the following behaviour:
> 
> 1.) A secure mailing list has an associated PGP Key.
> 2.) postings to the list are encrypted with the public key of the list.
> 3.) The list server decrypts the message, and then, for each list member, encrypts the message with the public key of the list member and sends that mail.
> 
> That way the whole traffic is encrypted.
> 
> Does somebody know a solution for that problem? Is there already such an extension for mailman? If not, how long would it take to implement such a thing?

It's not there, but I don't think it would be too hard.  Here's a sketch
of a simple first take:

- Add an interface to MemberAdapter.py to set a user's public key.  Add
an implementation to OldStyleMemberAdapter.py to store the key somewhere
(e.g. in a dictionary on the MailList object).

- Add u/i goo to surface the public key setting in the member's option
page.  Probably as an upload box or a text box for pasting.

- Add a module to Mailman/Gui for generating and setting the list's key
pair.  I'm guessing there's going to be no password on the private key
otherwise the Mailman daemon process can't really decrypt the message. 
To get the pubkey, I'd either publish it on the listinfo page, or maybe
add an email command to retrieve it.  The latter would go in
Mailman/Commands/do_getkey.py or some such.

- Obviously you're going to do personalized deliveries, so for any such
list you'll probably want to disable digests.  You'll need to hack
Mailman/Handlers/SMTPDirect.py's verpdeliver() function to do the
encryption for each recipient.  I'd probably do this part differently
depending on whether I wanted this feature for all lists at your site,
or just a few.  If the former, I'd probably just rewrite SMTPDirect.py
to do the specific handling you're interested in, call it something
different, and then set DELIVERY_MODULE in mm_cfg.py.

Those are just some ideas to get you started.
-Barry
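
An added sketch of the per-recipient re-encryption step discussed in this thread; it is not Mailman code and not part of the original post. The names `fan_out`, `wrap_pgp_mime` and the caller-supplied `encrypt(text, pubkey)` hook are hypothetical, and packaging the result as PGP/MIME (RFC 3156) is an assumption the thread does not specify. Members with no stored key are skipped rather than sent plaintext.

```python
import copy
from email.message import Message
from email.mime.multipart import MIMEMultipart

# Headers copied to each outgoing copy. They travel in cleartext, Subject included.
KEPT_HEADERS = ("From", "Subject", "Date", "Message-ID")


def _part(content_type, body):
    part = Message()
    part["Content-Type"] = content_type
    part["Content-Transfer-Encoding"] = "7bit"
    part.set_payload(body)
    return part


def wrap_pgp_mime(armored):
    """RFC 3156 container: a 'Version: 1' control part, then the encrypted data."""
    outer = MIMEMultipart("encrypted", protocol="application/pgp-encrypted")
    outer.attach(_part("application/pgp-encrypted", "Version: 1\n"))
    outer.attach(_part("application/octet-stream", armored))
    return outer


def fan_out(plain, member_keys, encrypt):
    """Return (outgoing, skipped) for one already-decrypted posting.

    member_keys maps address -> public key or None. encrypt(text, pubkey) must
    return ASCII-armored text; it is a hypothetical hook (e.g. a GnuPG wrapper).
    """
    inner = copy.deepcopy(plain)
    for name in inner.keys():
        if not name.lower().startswith("content-"):
            del inner[name]          # only the MIME entity goes inside the ciphertext
    inner_text = inner.as_string()
    outgoing, skipped = [], []
    for address, pubkey in sorted(member_keys.items()):
        if not pubkey:               # fail closed: no key on file, no delivery
            skipped.append(address)
            continue
        out = wrap_pgp_mime(encrypt(inner_text, pubkey))
        for name in KEPT_HEADERS:
            if plain[name] is not None:
                out[name] = plain[name]
        out["To"] = address
        outgoing.append((address, out))
    return outgoing, skipped
```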
