Skip to content

az143/kuvert

Repository files navigation

this is kuvert, a wrapper around sendmail or other MTAs that
does gpg signing/signing+encrypting transparently, based
on the content of your public keyring(s) and your preferences.

how it works:
-------------

you need to configure your MUA to submit mails to kuvert instead of 
directly. you configure kuvert either to present an SMTP server to
your MUA, or you make your MUA to use kuvert_submit instead of executing
/usr/sbin/sendmail. kuvert_submit will spool the mail
in kuvert's queue iff there is a suitable configuration file.

kuvert is the tool that takes care of mangling the email. it reads the 
queue periodically and handles emails in the queue: signing or encrypting
the mail, then handing it over to /usr/lib/sendmail or an external SMTP 
server for transport.

(why a queue? because i thought it might be useful to make sure that none of
your emails leaves your system without kuvert handing it. you might be 
very paranoid, and kill kuvert whenever you leave your box (and remove
the keyrings as well).)

installation:
-------------

on debian systems you simply install the kuvert package, construct
a suitable .kuvert configuration file and off you go. 
an example config file is provided 
at /usr/share/doc/kuvert/examples/dot-kuvert.

on other systems you need to do the following:

you need perl perl 5.10+, gpg and some of non-core perl modules:
MIME::Parser, Mail::Address, Net::SMTP 1.28 (in core but not new enough
with some distributions), IO::Socket::SSL 2.007, Net::Server::Mail::ESMTP,
File::Slurp, Proc::ProcessTable and Encode::Locale.

optional: get linux-kernel keyutils package, the gpg-agent or some 
other passphrase cache of your choice.

run make, make install DESTDIR=/ as root
-> kuvert, kuvert_submit, the manpages and one helper module 
will be installed in /usr/bin, /usr/share/man/man1 and 
/usr/share/perl5/Net/Server/Mail/ESMTP/, respectively.

configuration:
--------------

read the manpages for kuvert(1) and kuvert_submit(1) and 
consult the example config file "dot-kuvert". you will need
to create your own config file as ~/.kuvert. sorry, no autoconfig here:
this step is too crucial for a mere robot to perform. 

then start kuvert and inject a testmail, look at the logs to check
if everything works correctly.

(historical note: kuvert came into existence in 1996 as pgpmail and
was used only privately until 99, when it was extended and renamed
to guard. some of my friends started using this software, and in 
2001 it was finally re-christened kuvert, extended even further
and debianized. in 2008 it received a major overhaul to also provide 
inbound smtp as submission mechanism, outbound smtp transport and better
controllability via email addresses. until 2008 kuvert supported pgp2.x.)

please report bugs to me, Alexander Zangerl, <[email protected]>.

The original source can always be found at:
	http://www.snafu.priv.at/kuvert/

Copyright (C) 1999-2017 Alexander Zangerl

  This program is free software; you can redistribute it and/or modify
  it under the terms of the GNU General Public License version 2
  as published by the Free Software Foundation.

  This program is distributed in the hope that it will be useful,
  but WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  GNU General Public License for more details.

  You should have received a copy of the GNU General Public License with
  the Debian GNU/Linux distribution in file /usr/share/common-licenses/GPL;
  if not, write to the Free Software Foundation, Inc., 59 Temple Place,
  Suite 330, Boston, MA  02111-1307  USA