Digital signed mail- certificate issuing
Chuck Swiger
cswiger at mac.com
Wed Apr 25 17:54:59 UTC 2007
On Apr 25, 2007, at 9:10 AM, David Southwell wrote:
> Can anyone please tell me the simplest way I can issue my customers
> a means of
> digitally signing emails they transmit to us via our server. I need
> the
> chosen method to be compatible with most popular email clients and
> popular
> webmail services.
The most commonly used solution for this is PGP (aka GnuPG, OpenPGP,
etc). It's somewhat intrusive, but it is reasonably well supported
by most clients. It can be used with webmail services using a local
client to sign and/or encrypt the message before pasting it into the
webmail's send form.
Another less commonly used alternative is known as S/MIME. It
doesn't work well with webmail, and some MUA clients have problems
with it, too.
> Every customer has their identity and email addresses stored on our
> mysql
> database.
>
> Essentially my target is, as far as possible, to ensure that emails
> purporting to come from my customers are indeed from them and noone
> else.
You're never going to be able to prevent someone from forging emails
which claim to be from a client.
You might be able to convince motivated clients to always use PGP/
GnuPG for signing mail, so that forgeries can be readily identified
by someone knowledgeable, but be aware that most normal computer
users have significant problems dealing with PGP.
--
-Chuck
More information about the freebsd-questions
mailing list