NAME

Mail::SpamAssassin::Plugin::OpenPGP - A SpamAssassin plugin that validates OpenPGP signed email.

VERSION

Version 1.0.4

SYNOPSIS

Install this module by running:

    cpan Mail::SpamAssassin::Plugin::OpenPGP

Tell SpamAssassin to use it by putting the following (from this module's etc/init_openpgp.pre) in a configuration file:

    loadplugin Mail::SpamAssassin::Plugin::OpenPGP

Configure the plugin by putting the following (from this module's etc/26_openpgp.cf) in a configuration file (see http://wiki.apache.org/spamassassin/WhereDoLocalSettingsGo):

    ifplugin Mail::SpamAssassin::Plugin::OpenPGP

    rawbody   OPENPGP_SIGNED     eval:check_openpgp_signed()
    describe  OPENPGP_SIGNED     OpenPGP: message body is signed

    rawbody   OPENPGP_ENCRYPTED     eval:check_openpgp_encrypted()
    describe  OPENPGP_ENCRYPTED     OpenPGP: message body is encrypted

    rawbody   OPENPGP_SIGNED_GOOD     eval:check_openpgp_signed_good()
    describe  OPENPGP_SIGNED_GOOD     OpenPGP: message body is signed with a valid signature
    tflags    OPENPGP_SIGNED_GOOD     nice

    rawbody   OPENPGP_SIGNED_BAD     eval:check_openpgp_signed_bad()
    describe  OPENPGP_SIGNED_BAD     OpenPGP: message body is signed but the signature is invalid, or doesn't match with email's date or sender

    endif   # Mail::SpamAssassin::Plugin::OpenPGP

Set up some rules to your liking, for example:

    score OPENPGP_SIGNED -1
    # this would total to -2
    score OPENPGP_SIGNED_GOOD -1
    # this would total to 0
    score OPENPGP_SIGNED_BAD 1

DESCRIPTION

This uses Mail::GPG which uses GnuPG::Interface which uses Gnu Privacy Guard via IPC.

Make sure the homedir you use for GnuPG contains a gpg.conf with something like the following in it, so that it will automatically fetch public keys. Also make sure that the directory and its files are readable only by their owner (a gpg security requirement).

    keyserver-options auto-key-retrieve timeout=5
    # any keyserver will do
    keyserver  x-hkp://random.sks.keyserver.penguin.de

If a public key cannot be retrieved, the email will be marked as SIGNED but neither GOOD nor BAD. To ensure that your local public keys don't get out of date, you should probably set up a scheduled job to delete pubring.gpg regularly.
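
The homedir setup described above, as an added shell example (not part of this module): it writes the gpg.conf, restricts the directory to its owner, audits the result, and provides the body for the scheduled keyring purge. The function names are hypothetical, and the script is assumed to run as the account SpamAssassin runs under.

```shell
#!/bin/sh
# Added example. The homedir path is whatever you set gpg_homedir to.

# Create an owner-only homedir containing the gpg.conf shown above.
setup_gpg_homedir() {
    dir=$1
    ( umask 077
      mkdir -p "$dir" && cat > "$dir/gpg.conf" <<'EOF'
keyserver-options auto-key-retrieve timeout=5
# any keyserver will do
keyserver  x-hkp://random.sks.keyserver.penguin.de
EOF
    ) && chmod 700 "$dir" && chmod 600 "$dir/gpg.conf"
}

# Succeed only if everything under the homedir is owned by the calling user,
# has no group/other permission bits, and gpg.conf enables key auto-retrieval.
audit_gpg_homedir() {
    dir=$1
    [ -d "$dir" ] || { echo "missing homedir: $dir" >&2; return 1; }
    loose=$(find "$dir" ! -type l \( ! -user "$(id -u)" \
        -o -perm -040 -o -perm -020 -o -perm -010 \
        -o -perm -004 -o -perm -002 -o -perm -001 \))
    if [ -n "$loose" ]; then
        echo "not owner-only:" >&2; echo "$loose" >&2; return 1
    fi
    grep -Eq '^[[:space:]]*keyserver-options[[:space:]].*auto-key-retrieve' \
        "$dir/gpg.conf" 2>/dev/null ||
        { echo "gpg.conf does not enable auto-key-retrieve" >&2; return 1; }
}

# Body for the scheduled job: drop the cached public keyring so keys are
# fetched again on the next signed message.
purge_pubring() {
    rm -f "$1/pubring.gpg"
}

# Usage: sh this-script /var/foo/gpg-homedir-for-spamassassin
if [ "$#" -gt 0 ]; then
    setup_gpg_homedir "$1" && audit_gpg_homedir "$1"
fi
```

Run the audit again after any change to the homedir; a failing audit lists the offending paths on stderr.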

For project information, see http://konfidi.org

USER SETTINGS

    gpg_executable /path/to/gpg
    gpg_homedir /var/foo/gpg-homedir-for-spamassassin
    openpgp_add_header_fingerprint 1 # default 1 (true)
    openpgp_add_header_failure_info 0 # default 1 (true)

The OpenPGP headers are never added to emails without a signature.

TAGS

The following per-message SpamAssassin "tags" are set.

openpgp_checked

Set to 1 after the email has been checked for an OpenPGP signature

openpgp_signed

Set to 1 if the email has an OpenPGP signature

openpgp_signed_good

Set to 1 if the email has a "good" OpenPGP signature

openpgp_signed_bad

Set to 1 if the email has a "bad" OpenPGP signature

openpgp_encrypted

Set to 1 if the email is encrypted with OpenPGP

openpgp_fingerprint

Set to the OpenPGP fingerprint from the signature

AUTHOR

Dave Brondsema, <dave at brondsema.net>

BUGS

If only part of a PGP/MIME message is signed (for example, a mailing list added a footer outside of the main content & signature) then it is not considered signed. If any part of a message is signed inline, it is considered signed. A future version will probably use OPENPGP_PART_SIGNED, and have checks to verify that the unsigned part is at the end and that the signed part is not very short (to prevent spammers from having a small signed part accompanied by a large spammy part).

Please report any bugs or feature requests to bug-mail-spamassassin-plugin-OpenPGP at rt.cpan.org, or through the web interface at http://rt.cpan.org/NoAuth/ReportBug.html?Queue=Mail-SpamAssassin-Plugin-OpenPGP. I will be notified, and then you'll automatically be notified of progress on your bug as I make changes.

SUPPORT

You can find documentation for this module with the perldoc command.

    perldoc Mail::SpamAssassin::Plugin::OpenPGP

You can also look for information at:

ACKNOWLEDGEMENTS

COPYRIGHT & LICENSE

Copyright 2006 Dave Brondsema, all rights reserved.

This program is released under the following license: Apache License, Version 2.0