Sending Your GPG Public Key with an Autoresponder

Given the current (and previous) administrations' flagrant disregard for the Constitution and individual's right to privacy; I can't encourage people enough to encrypt their conversations. After all, your conversations are your business no matter what nonsense the government spews forth.

However, one of the problems with public key encryption is people need your public key in order to send you a private message. Most people place their public key on their website. The problem with this is you have to know where to look on the site for the key. A second method attachs an email address to all your outgoing signed email. If someone emails this address, they receive a copy of your public key in their inbox. While I would like to take credit for this idea, my friend Bill Arlofski let me know about this.

While you can build the autoresponder automagically with qmailAdmin, I prefer to do it by the command line. I feel if you know how to do the configuration by hand, you know what qmailAdmin does and are better prepared to troubleshoot any potential issues.

Setting up the Autoresponder

The below commands cover the configuration of the autoresponder. The below example assumes the system uses vpopmail and qmail. Substitute your domain for domain.xyz and the desired address for the autoresponder for GPGPUBLICKEY-USER.

# cd ~vpopmail/domains/domain.xyz
# mkdir GPGPUBLICKEY-USER
# cd GPGPUBLICKEY-USER
# wget -c http://www.antagonism.org/files/example-message
# mv example-message message

The "message" file is message which you want your autoresponder to send. Open the "message" file in your favorite editor and make the following edits:

1. Put the email address of your autoresponder in the From: line
2. Place your desired subject in the Subject: line
3. Edit the message contents as desired. Be sure to include your GPG public key in the contents.

In the "~vpopmail/domain.xyz" directory, create the file ".qmail-gpgpublickey-user" with the below contents. As noted before, substitute your autoresponder address for gpgpublickey-user. The below example assumes vpopmail's home directory is /home/vpopmail. Lastly, substitute your domain for domain.xyz.

| /usr/bin/autorespond 10000 5 /home/vpopmail/domains/domain.xyz/GPGPUBLICKEY-USER/message /home/vpopmail/domains/domain.xyz/GPGPUBLICKEY-USER

Everytime a message is sent to gpgpublickey-user@domain.xyz, qmail will execute the command in the above file. The above file calls the autorespond command with the following arguments:

• The first argument is the time to consider the message in seconds. The above example tells autorespond to consider the message for 10,000 seconds.
• The second argument is the maximum number of messages to allow within the number of seconds specified by the first argument. The above example will only send a maximum of five messages every 10,000 seconds.
• The third argument is the filename of the message to send. The above example sends the message in /home/vpopmail/domains/domain.xyz/GPGPUBLICKEY-USER/message.
• The fourth argument is the directory to hold the message log. The above example holds the log in /home/vpopmail/domains/domain.xyz/GPGPUBLICKEY-USER.

Configuring Your GPG Signature

Now that you created your autoresponder, you need a way to notify people about the autoresponder. There are two methods to attach the appropriate comment to your encrypted/signed email. The first method is to call gpg from the command line with the "--comment" option. The second is to set the comment action in "~/.gnupg/gpg.conf" file. The below text provides an example of the second method.

comment 'email gpgpublickey-user@domain.xyz for my GPG public key'

The above entry will put the comment "email gpgpublickey-user@domain.xyz for my GPG public key" into any of your encrypted and/or signed email messages.

Downloads

Copyright 2006-2008 Patrick R. McDonald <marlowe@antagonism.org> (GPG key)
This document last modified 2008-07-14 14:56:51 -0700