RFC 2015 and the Rand MH System
Well, not much blurb here, but just a quick description of how
I have managed to get the Rand MH system working (almost) with RFC 2015
encrypted MIME email... The scripts work as follows: mhencrypt scans
a message for the To: line, determines if all of the names on said
line are in your keyring and if so wordlessly encrypts the message
to all of them (and yourself). pgpmail simply runs the message through
pgp and sends the output through mhn (since it may contain more
MIMEd things).
Simply put, I just added the lines:

    automhnproc: mhencrypt
    mhn-show-multipart/encrypted: pgpmail %f

to my .mh_profile and put the scripts mhencrypt and pgpmail
somewhere my PATH would find them.
Oh, and mhencrypt needs two files, called mhl.headers and
mhl.message. It looks for these in /usr/local/lib/pgpmail/, but
it is quite trivial to change that. In fact, I am
going to change that once I get around to making the
whole process a bit more robust.
These scripts use ksh, since I wanted to use the RANDOM
environment variable, but it should be trivial to change
them to sh. (In fact I think it does work -- just the tmp
files have different names.)
Obviously these scripts are not a finished solution, but
I find that time is quite lacking. But the sorts of things
that I need to do are:
- Deal with multipart/signed.
- Make sure that the tmp files do not exist.
- Have the autoencrypt ask a few questions or at least
  have the option to have it ask questions.
- Honour TMPDIR, and not just assume /tmp. Consider a PGPTMPDIR.
- Check cc: as well as To: (should be easy :)
- Check for existence of Bcc: and if it exists, then
  don't encrypt. (To encrypt to the Bcc: people would
  defeat the purpose of them being blind, and to not
  encrypt to them would defeat the purpose of sending
  it to them...)
- Only encrypt to self if Fcc: is present. (??) Or
  just let the user's config handle it.
- I have been tossing around the concept of rewriting
  large chunks of nmh's (new MH) mhn to deal better
  with multipart types. That would make the whole
  process a lot better. (Esp. adding a bit that allows
  the output of a command to be reinterpreted...)
- Etc.
But hopefully these might be of some use to someone who can
hack them around a bit.
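
The header checks from the to-do list (collect cc: as well as To:, and refuse to encrypt when Bcc: exists), as an added example that is not the original mhencrypt. The function name draft_recipients and the exit status 2 are assumptions; addresses are split on commas, so display names containing commas are not handled.

```sh
#!/bin/sh
# Added example, not the original mhencrypt script.
# draft_recipients FILE
#   Prints every To: and cc: address in an MH draft, one per line.
#   Returns 2 and prints nothing if a Bcc: field exists, so the caller
#   can send the message unencrypted instead of exposing blind recipients.
draft_recipients() {
    awk '
    # Split the saved field value on commas and queue each address.
    function emit(   n, i, a, addr) {
        if (!keep) return
        n = split(val, a, ",")
        for (i = 1; i <= n; i++) {
            addr = a[i]
            # "Name <addr>" form: keep only what is inside the brackets.
            if (match(addr, /<[^>]*>/))
                addr = substr(addr, RSTART + 1, RLENGTH - 2)
            gsub(/^[ \t]+|[ \t]+$/, "", addr)
            if (addr != "") out = out addr "\n"
        }
        keep = 0
    }
    # Headers end at a blank line or at the dashed rule MH puts in drafts.
    /^$/ || /^-+$/ { exit }
    # A line starting with whitespace continues the previous field.
    /^[ \t]/ { if (keep) val = val " " $0; next }
    {
        emit()
        name = tolower($0); sub(/:.*/, "", name)
        if (name == "bcc") bcc = 1
        keep = (name == "to" || name == "cc")
        if (keep) { val = $0; sub(/^[^:]*:/, "", val) }
    }
    END { emit(); if (bcc) exit 2; printf "%s", out }
    ' "$1"
}
```

Each address printed can then be looked up in the keyring before encrypting, as mhencrypt already does for To:.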