Solved

How to send signed email using the roundcube, dovecot, and postfix

Posted on 2014-12-23
4
307 Views
Last Modified: 2014-12-30
I have Postfix, Dovecot, Roundcube, and mysql based on Centos 6.3 how can I set it up to send signed email?
0
Comment
Question by:Ashraf Hassanein
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 40

Accepted Solution

by:
noci earned 500 total points
ID: 40517527
Web-based mail + the secret part of a certificate in general are not a happy combination.
The primary use of Web-Based mail (i.e. Roundcube) is that in can be used from a generic webserver (f.e. a hosted one) where you have no control over the underlying OS , hardware etc.

Those are bad places to leave the private part of certificates lying around. As you can loose them without knowing it.
And because the software needs a readable version of the pass-phrase that is available in the server too.
So basicly there is no valid use case to develop software for this, that is also secure.. (The basic premise why you would want mail encryption anyway.)

Signed & Encrypted email are safe because the underlying premise is that the passphrase never leaves the application that it is entered into.
0
 

Author Comment

by:Ashraf Hassanein
ID: 40517897
I believe I mixed alot of stuff together,  but to be more specific I want to be able to signed email only from rounscube (not encrypted ).
It more a small business email so I own the server and have a full control on it.
I that  possible.
0
 
LVL 40

Expert Comment

by:noci
ID: 40523516
Please define signing...:
The cryptographic variant is encrypting portion of the header that you "encrypt"/"hash" using a private/ public key pair so other ca verify you sent the mail. This needs the same pretext as encryption. (only you private key on the server) ... so see above.

Signing as in -- on a line with something beneath it...
That is easy. Go to settings, identity, and fill out the textbox for it. And mark it as html if that is needed.

Be aware to not send your autograph in a picture, otherwise anybody can photoshop that into any letter.
0
 

Author Comment

by:Ashraf Hassanein
ID: 40524755
Thank you for your clarifications in both posts, the first one explaind a lot
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It’s a strangely common occurrence that when you send someone their login details for a system, they can’t get in. This article will help you understand why it happens, and what you can do about it.
Article by: Dermot
The life of crime is over for 22 year-old Christian Ian Salvador, a student from Isabela State University in the Philippines.
This tutorial gives a high-level tour of the interface of Marketo (a marketing automation tool to help businesses track and engage prospective customers and drive them to purchase). You will see the main areas including Marketing Activities, Design …
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

724 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question