RT 4.2.17 Documentation

RT::Interface::Email::Auth::Crypt

Go to latest version →

NAME

RT::Interface::Email::Auth::Crypt - decrypting and verifying protected emails

DESCRIPTION

This mail plugin decrypts and verifies incoming emails. Supported encryption protocols are GnuPG and SMIME.

This code is independant from code that encrypts/sign outgoing emails, so it's possible to decrypt data without bringing in encryption. To enable it put the module in the mail plugins list:

    Set(@MailPlugins, 'Auth::MailFrom', 'Auth::Crypt', ...other filters...);

Auth::Crypt will not function without Auth::MailFrom listed before it.

GnuPG

To use the gnupg-secured mail gateway, you need to do the following:

Set up a GnuPG key directory with a pubring containing only the keys you care about and specify the following in your SiteConfig.pm

    Set(%GnuPGOptions, homedir => '/opt/rt4/var/data/GnuPG');

Read also: RT::Crypt and RT::Crypt::GnuPG.

SMIME

To use the SMIME-secured mail gateway, you need to do the following:

Set up a SMIME key directory with files containing keys for queues' addresses and specify the following in your SiteConfig.pm

    Set(%SMIME,
        Enable => 1,
        OpenSSL => '/usr/bin/openssl',
        Keyring => '/opt/rt4/var/data/smime',
        CAPath  => '/opt/rt4/var/data/smime/signing-ca.pem',
        Passphrase => {
            'queue.address@example.com' => 'passphrase',
            '' => 'fallback',
        },
    );

Read also: RT::Crypt and RT::Crypt::SMIME.

← Back to index

Security contact information
© 2002-2024 Best Practical Solutions LLC.