Pretty Good Privacy - Mail Integration Project

Pretty Good Privacy Sendmail

Release 2 (December 8, 2024)

A few comments by famous users:

“I have no idea what this program does, but the manual is very funny and a real pleasure.” — Douglas Adams

“PGPSendmail has changed my life. Even sex has become better since I installed it.” — Sharon Stone

“Unfortunately, I haven’t read the manual, but the program is very funny and a real pleasure.” — Dr. Peter Kittel, Germany

1 Copyright:

GNU GENERAL PUBLIC LICENSE

Version 2, June 1991

Copyright (C) 1989, 1991 Free Software Foundation, Inc.
                         675 Mass Ave, Cambridge, MA 02139, USA

Everyone is permitted to copy and distribute verbatim copies of this
license document, but changing it is not allowed.

1.1 Preamble

The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change free software—to make sure the software is free for all its users. This General Public License applies to most of the Free Software Foundation’s software and to any other program whose authors commit to using it. (Some other Free Software Foundation software is covered by the GNU Library General Public License instead.) You can apply it to your programs, too.

When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things.

To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it.

For example, if you distribute copies of such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights.

We protect your rights with two steps: 1) copyright the software, and 2) offer you this license which gives you legal permission to copy, distribute and/or modify the software.

Also, for each author’s protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors’ reputations.

Finally, any free program is threatened constantly by software patents. We wish to avoid the danger that redistributors of a free program will individually obtain patent licenses, in effect making the program proprietary. To prevent this, we have made it clear that any patent must be licensed for everyone’s free use or not licensed at all.

The precise terms and conditions for copying, distribution and modification follow.

1.2 TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION

1. This License applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any derivative work under copyright law: that is to say, a work containing the Program or a portion of it, either verbatim or with modifications and/or translated into another language. (Hereinafter, translation is included without limitation in the term "modification".) Each licensee is addressed as "you".

   Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running the Program is not restricted, and the output from the Program is covered only if its contents constitute a work based on the Program (independent of having been made by running the Program). Whether that is true depends on what the Program does.

2. You may copy and distribute verbatim copies of the Program’s source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and give any other recipients of the Program a copy of this License along with the Program.

   You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee.

3. You may modify your copy or copies of the Program or any portion of it, thus forming a work based on the Program, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions:
   1. You must cause the modified files to carry prominent notices stating that you changed the files and the date of any change.
   2. You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License.
   3. If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the most ordinary way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this License. (Exception: if the Program itself is interactive but does not normally print such an announcement, your work based on the Program is not required to print an announcement.)

   These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Program, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it.

   Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Program.

   In addition, mere aggregation of another work not based on the Program with the Program (or with a work based on the Program) on a volume of a storage or distribution medium does not bring the other work under the scope of this License.

4. You may copy and distribute the Program (or a work based on it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following:
   1. Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or,
   2. Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or,
   3. Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer, in accord with Subsection b above.)

   The source code for a work means the preferred form of the work for making modifications to it. For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable. However, as a special exception, the source code distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable.

   If distribution of executable or object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place counts as distribution of the source code, even though third parties are not compelled to copy the source along with the object code.

5. You may not copy, modify, sublicense, or distribute the Program except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense or distribute the Program is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance.
6. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Program or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Program (or any work based on the Program), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Program or works based on it.
7. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients’ exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License.
8. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Program at all. For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program.

   If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply and the section as a whole is intended to apply in other circumstances.

   It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system, which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice.

   This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License.

9. If the distribution and/or use of the Program is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Program under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License.
10. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns.

    Each version is given a distinguishing version number. If the Program specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of this License, you may choose any version ever published by the Free Software Foundation.

11. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally.

1.3 NO WARRANTY

BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.

IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

1.4 What is PGPSendmail?

PGPSendmail is a small tool, to encrypt your outgoing e-mail automatically. Despite the name, PGPSendmail does not handle any transport stuff, but requires the original sendmail.

PGPSendmail scans through the outgoing mail and checks whether a public key is available for the recipient(s). Multiple recipients via To: or Cc: are supported. (1) If a key is available, a requester will pop up, asking you if you’d like to encrypt the mail. When you choose the “encrypt” gadget, the message-body will be encrypted and the result will be sent to sendmail to handle the routing and transport.

Since PGPSendmail is only a front-end, it can be used in any kind of setup. It doesn’t matter whether you use AmiTCP, UUCP or whatever to deliver your mail, PGPSendmail can be customized for your requirements.

The encrypted message will look like this:

Automatically encrypted message-body follows:

-----BEGIN PGP MESSAGE-----
Version: 2.3a

owHrZAhlYmXUqV9ctnnP/pPtVcsSGRm3aDEx7G1+9enVmcr3Ff5GfN6fdKde2Zau
X3kjdonMydeTi4zuvlDZH/sia1O/ZYKDsAGXt+K+0lVOyvx9h3Yc2hUkoFXGor4m
uoSlJLW4hAEIPFIrFXIT83QUUvLz1EsUKvNLFTISy1IVivNzU0syMvPSFZJSS0pS
ixRK8oFKdBRKMhLzQOzkosTkbLAqXq7k/JTUYnsFK11NTV4uAA==
=y7/l
-----END PGP MESSAGE-----

1.5 How does it work?

PGPSendmail has to be called instead of sendmail. It determines the recipients (2) and checks whether a public key is available for each of them. Currently PGPSendmail does not handle the situation, that a few keys are available and a few not. It will not encrypt the message, even if only one key is missing.

Then PGPSendmail saves the message-body to a temporary file and encrypts it, using the keys of the recipients. Afterwards, the encrypted copy is handed over to sendmail, using exactly the same commandline PGPSendmail has been called with. PGPSendmail itself doesn’t need any parameters.

If any error occurs, PGPSendmail will stop immediately and call sendmail to handle the unencrypted mail, to prevent data-loss.

1.6 How to install PGPSendmail into your site:

The Installation of PGPSendmail is pretty simple:

• - First of all, copy ‘PGPSendmail’ somewhere into your command path, usually ‘UUCP:c/’ or ‘inet:c/’ for AS225r2.
• - Install the netsupport.library on your system. Please read the included guide “InstallingNSPLib”. PGPSendmail’s systemname for the file logging is “PGPSendmail”. (Could you guess it? :->)
• - Configure you mail reader to call PGPSendmail instead of sendmail. Just change the name of the program, leave the options and parameters alone. In fact you have to change this in any program that has the capability to send e-mails! This may include your newsreader, too.

  With AmigaELM this would be something like this:

  SendMail        pgpsendmail <$MSG
  

  ATTENTION: Do NOT change the SendMail-entry in your master config file to call pgpsendmail, or any mail routed through your system will be encrypted!

• - Now generate a list of your keyring, calling

  PGP -kvv >UULIB:PGPKeys.lst
  

  so PGPSendmail can determine whether a public key for a certain recipient is available.

  ATTENTION: You have to generate this list using the ‘-kvv’ command, or PGPSendmail won’t recognize the “also known as ...” feature of PGP.

• - If you haven’t set PGPPASS yet, the time has come to do so, or PGPSendmail won’t be able to encrypt anything. Please read PGP’s manual for further details on PGPPASS.

That’s all! Now, every outgoing mail will be piped to PGPSendmail and will be encrypted if a key for the recipient is available. (3)

If your system has enough memory, you should make PGP and PGPSendmail resident to speed the whole process up. (4)

1.7 Configuring PGPSendmail:

PGPSendmail uses the netsupport.library’s logfile mechanism to provide you the required (debugging) information. Please refer to the libraries’ documentation for a brief description. PGPSendmail uses the magic keyword “PGPSendmail” as systemname for the log entries.

PGPSendmail checks whether one of the following keywords exists as local or global variable or is set in your systems master configfile (in order of precedence):

UULib

Here you can specify a directory path, where the other configfiles are stored. This path is required to access the ‘Aliases’ and ‘PGPKeys.lst’ file. Default is ‘UULIB:’.

Sendmail

This entry specified the path and name of the command PGPSendmail should call to actually deliver the mail. The default is ‘sendmail’.

ConfirmEncryption

Set this entry to either “Y” or “N”. When set to “Y”es, PGPSendmail will pop up a requester asking you whether you’d like to encrypt the mail. If set to “N”o, PGPSendmail will encrypt any mail where all keys are available automatically. The default is to ask before encryption.

1.8 What is planned for future version?

• - The current version of PGPSendmail does not handle multiple recipients in the best way. Bcc: is not supported and the whole process breaks if only one key is missing. This will be improved in future releases.

  The next version of PGPSendmail will send the mail out in encrypted form for the recipients that have a key available and unencrypted for the rest of ’em. :-) Maybe PGPSendmail will append a note automatically, encouraging the key-less recipients to install PGP.

• - This version does not parse the keyring directly, but needs a keylist to be around. This is somewhat uncomfortable for the user, because he has to generate a new list every time he modifies the keyring. Future version will access the keyring directly.
• - PGPSendmail has to expand aliases in order to determine the addresses of the recipients. The alias-expansion code has been taken from Matt Dillon’s UUCP package with slight modifications. But someone really has to optimize this code, because it’s uh... horrible. (No offense Matt!)
• - Also worth improving is the way PGP is controlled by PGPSendmail. At the moment you need PGPPASS (see section system requirements) set in order to make PGP encrypt anything. This is no real security lack, since PGP does support local shell variables, however, I’m planning to add a routine to PGPSendmail, that pops up a requester and asks the user for the password, submitting the result to PGP via the commandline.

  Also I’m thinking about opening a console-window for PGP, so the user can see what is going on and can possibly control PGP interactively.

• - I plan to add a kind of fortune cookie program that places the real subject in the encrypted body and inserts a random cookie instead.

1.9 What do I need to run PGPSendmail?

• - You need at least KICKSTART 2.04 to run PGPSendmail.
• - PGPSendmail requires less than 4k stack.
• - PGPSendmail works only with PGP v2.2 or later. Earlier version were not able to encrypt mails for several recipients, neither did they have the +batchmode feature.
• - You must have ‘T:’ assigned, because all temporary files go into ‘T:’.
• - The original “sendmail” must be available.
• - Your PGP must be configured correctly. PGPPATH and PGPPASS have to be set properly. If you have problems with PGP leaving files in your ‘UUSpool:’, check our if PGP’s KeepBinary option is turned off.

1.10 How to contact me

If you want to contact me (e-mail preferred), you may use the following addresses:

SnailMail: Peter Simons         E-Mail: simons@peti.GUN.de (Usenet)
           Europaring 20
           D-53123 Bonn 1        Voice: +49 228 746061
           Germany

BTW, a mailing list for the Amiga version of PGP and all related topics exists on peti. New PGP and PGPSendmail versions will be announced and possibly posted to this list. You can also reach many other users there and get help if you have problems with your setup. To subscribe, send e-mail to listserv@peti.GUN.de and put the commands

ADD your_address PGPAmiga
HELP

in the mailbody. Your address will be added to the subscribers list and you’ll receive the ListSERV’s helpfile. To post to the list (even if not subscribed), send e-mail to PGPAmiga@peti.GUN.de.

1.11 About the author

Congratulations! Amongst the 12.42% of software users who actually bother to read the documentation, you are one of the brightest as you have apparently chosen to read the hidden gem in it: The section "About The Author".

Disclaimer(5): Although this has not been written by Peter Simons himself, it is not necessarily more objectively than it would have been if he did it himself.

As a first approximation to the author, let us have a look at a text he wrote about himself in a list of systems in his home domain. (It may be of interest to some that his self-description has been 4.46 times as long as the actual technical data of his site.)

I (Peter Simons) was born on Sep 4th 1973 as child of a plain supermodel and a nobel price winner and I had a very nice childhood, although it has always been some kind of nuisance to me that the people used to overlook my really notable IQ because of my extraordinarily handsome appearance.

Note for the reader: I have not known Peter as a child, but you may approximate his look of today by imagining a friendly ice bear with a full beard. (Still a very handsome ice bear, as his girl-friend would probably remark, if she bothered about "all that computer stuff" like this text.)

Although Peter is not really a computer freak - PGPSendmail probably owes its existence to the boring breaks between playing and watching basketball, meeting girls, going to parties, watching M*A*S*H, etc. - the adoption of his nickname "Peti" as site name for his A3000 homebox (peti.GUN.de) symbolizes the fusion of man and machine to a system of high productivity. Furthermore, the natural environment of Peter is best-suited for computer people: The stationer’s shop near his home is the only one I know offering Amigas, Amiga literature and Fish disks just as natural as the more mundane things a stationer sells.

<abrupt and unreasonable break>

This "About The Author" section is shareware. If you want to know how it ends or if you have moulded an opinion about Peter Simons utilizing the information provided herein, send me all your money.

Arno Eigenwillig <arno@yaps.dinoco.de>

1.12 Acknowledgments

“I could see that far, because I stood on the shoulders of giants.” — Albert Einstein

I’d like to thank many, many people for their help and support that made this and all my other programs possible or at least much easier. Unfortunately, there were too many participants and I can only name a few. Sorry if I didn’t mentioned your name!

Phillip R. Zimmermann

Thanks a lot for writing PGP! IMHO, PGP is a really important program and one day all net-traffic may rely on it or a similar tool to guarantee secure communication and mail authentication. PGP is more than just a freeware tool—it’s a political statement for free and independent citizens.

Matt Dillon

With Matt’s permission, I used his alias code in PGPSendmail. This has really made my job much easier. Thanks a lot Matt for your great efforts for the Amiga in the early days. Thanks for porting/writing the UUCP package and especially for DME, still my favorite editor!

Mark Constable

Mark was my first beta tester for the PGP Mail Integration Project and also ran the developer mailing list on his system! Mark, you contributed a lot to this, and many other of my PGP-related programs.

Ralph Thomas Aussem

Marc ’Nepomuk’ Heuler

Thanks a lot to these two for reliable and active beta testing of PGPSendmail and PGPRMail. Without your help and your reports, this program would be less reliable by much.

Thomas Mildenberger

Thomas, thanks for bringing me into the Usenet and for beeing a good friend since more than 1 year now. (Greetings to Phillip, Robert and - of course - Christine!)

Reinhold Pickartz

Thanks for reliable beta testing of anything I write and for supplying me with the latest PD software all the time!

Frank Bergknecht

Thanks for providing a reliable Internet access and for all the time and effort you had to take because one of my programs crashed your machine!

Arno Eigenwillig

For the fine description of my person. :-)

Footnotes

(1)

Bcc: might be supported in a future release.

(2)

PGPSendmail does alias expansion using ‘UULIB:Aliases’.

(3)

Public keys with undefined validity won’t be used for encryption unless you have used them by hand once. Then PGP will assume you trust these keys at least a little bit. :-)

(4)

This is a preliminary release of PGPSendmail that can not be made resident!!

(5)

Which documentation can get along without disclaimer nowadays? :-)

About This Document

This document was generated on December 8, 2024 using texi2html 5.0.

The buttons in the navigation panels have the following meaning:

where the Example assumes that the current position is at Subsubsection One-Two-Three of a document of the following structure:

• 1. Section One
  • 1.1 Subsection One-One
    • ...
  • 1.2 Subsection One-Two
    • 1.2.1 Subsubsection One-Two-One
    • 1.2.2 Subsubsection One-Two-Two
    • 1.2.3 Subsubsection One-Two-Three     <== Current Position
    • 1.2.4 Subsubsection One-Two-Four
  • 1.3 Subsection One-Three
    • ...
  • 1.4 Subsection One-Four

This document was generated on December 8, 2024 using texi2html 5.0.