# PGPMailman plugin
## Structure
* `pgpmailman` - A Core plugin.
    - `styles` - Both styles generate a list keypair based on plugin settings on list creation and set the other attributes for an encrypted mailing list.
        - `EncryptedDefaultStyle`
        - `EncryptedAnnounceStyle`
    - `pgp` - Module that handles the lower-level PGP operations, such as the GPG keyrings, lookup of keys, encryption and decryption of messages, etc.
    - `commands`
        - `KeyEmailCommand` - Handles user key management through the `key` command.
        - `KeyCLICommand`
    - `database` - The plugin needs to store the user/address <-> user-key fingerprint mapping somehow. Attaching it to Mailman's user object would be best; otherwise a custom data store needs to be set up.
    - `rest` - Module that exposes the plugin-specific REST API, rooted at `/plugins/pgpmailman/`, which will be used by the `django-pgpmailman` app.
        - `/list/<list-id>/key` - For getting the list-key.
        - `/list/<list-id>/settings` - For setting per-list configuration options: bounce/discard non-signed, bounce/discard non-encrypted.
        - `/user/<user-id>/key` - For getting, setting and revoking the user-key.
    - `runners`
        - `EncryptedIncomingRunner` - Decrypts incoming messages for encrypted mailing lists and checks their signatures before passing them to the default IncomingRunner. Messages to ordinary lists are passed to the default IncomingRunner without change.
        - `EncryptedOutgoingRunner` - Encrypts and optionally signs outgoing messages for configured lists. This is a runner and not a Pipeline because all outgoing messages need to be encrypted: digests, virgin messages, posts...
    - `archivers`
        - `EncryptedHyperKittyArchiver` - For encrypted lists, fetches list-archive public keys from `django-pgpmailman` and uses them to send messages to the archive encrypted.
        - `EncryptedLocalArchiver` - Stores messages encrypted with the list-key in maildir format.
    - `initialize()` - A callable to be set up in a Mailman hook, which sets up everything necessary for pgpmailman to run, such as adding the `listname-key`@ subaddress, creating keyrings if not found, and subscribing to events if necessary.
    - `tearDown()` - A callable to be set up in a Mailman exit hook.
* `django-pgpmailman` - A Django app that extends Postorius and HyperKitty, with an associated example_project that combines Postorius and HyperKitty while extending their templates and views seamlessly.
    - `api`
        - `/list/<list-id>/key` - For getting the list-archive public key.
    - `templates` - Will have custom templates as well as templates overwriting and extending certain Postorius and HyperKitty templates.
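
The per-list options on `/list/<list-id>/settings` and the `EncryptedIncomingRunner` behaviour described above can be sketched as a single decision function. This is an added example, not code from the plugin: the setting names, action values and the `signature_valid` input (the result of a decrypt/verify step not shown here) are assumptions, and the sample messages are constructed.

```python
from email import message_from_string
from email.message import Message

# Hypothetical setting names and values; the page only names the options.
ACCEPT, BOUNCE, DISCARD = "accept", "bounce", "discard"
ARMOR_ENC = b"-----BEGIN PGP MESSAGE-----"
ARMOR_SIG = b"-----BEGIN PGP SIGNED MESSAGE-----"

def pgp_state(msg: Message):
    """Return (encrypted, signed) from the outer structure only:
    RFC 3156 PGP/MIME containers, or inline ASCII armor in a single-part body."""
    ctype = msg.get_content_type()
    proto = str(msg.get_param("protocol", "")).lower()
    if msg.is_multipart():
        return (ctype == "multipart/encrypted" and proto == "application/pgp-encrypted",
                ctype == "multipart/signed" and proto == "application/pgp-signature")
    body = msg.get_payload(decode=True) or b""
    return ARMOR_ENC in body, ARMOR_SIG in body

def disposition(msg: Message, settings: dict, signature_valid=None):
    """Decide what an incoming runner does with a post: (action, reason).
    signature_valid comes from the decrypt/verify step (not shown); for an
    encrypted post the signature is inside the ciphertext, so it is only
    known after decryption. None or False both count as non-signed (assumption)."""
    if not settings.get("encrypted_list"):
        return ACCEPT, "ordinary list, passed on unchanged"
    encrypted, signed_outer = pgp_state(msg)
    if not encrypted and settings.get("nonencrypted", ACCEPT) != ACCEPT:
        return settings["nonencrypted"], "not encrypted"
    if signature_valid is not True and settings.get("nonsigned", ACCEPT) != ACCEPT:
        seen = encrypted or signed_outer
        return settings["nonsigned"], "signature not verified" if seen else "no signature"
    return ACCEPT, "list policy satisfied"

# Constructed sample messages (placeholder payload, not real ciphertext).
ENCRYPTED = message_from_string(
    'From: alice@example.org\nMIME-Version: 1.0\n'
    'Content-Type: multipart/encrypted; protocol="application/pgp-encrypted"; boundary="b"\n\n'
    '--b\nContent-Type: application/pgp-encrypted\n\nVersion: 1\n'
    '--b\nContent-Type: application/octet-stream\n\n'
    '-----BEGIN PGP MESSAGE-----\nplaceholder\n-----END PGP MESSAGE-----\n--b--\n')
PLAIN = message_from_string("From: bob@example.org\n\nhello list\n")
STRICT = {"encrypted_list": True, "nonencrypted": BOUNCE, "nonsigned": DISCARD}

if __name__ == "__main__":
    for name, m, ok in [("encrypted", ENCRYPTED, True), ("plain", PLAIN, None)]:
        print(name, disposition(m, STRICT, signature_valid=ok))
```

The structural check only says whether a post claims to be encrypted or signed; whether the signature matches the stored user-key fingerprint has to come from actual verification.
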
## Installation
### Core plugin
A setuptools package that needs to be installed into the same virtualenv as the Mailman 3 instance.
### Django app
A setuptools package that needs to be installed into the same virtualenv as the Postorius and HyperKitty instances, packaged with an example_project.
## Configuration
### Core plugin
Custom runners, archivers and other site configuration options would need to be set.
### Django app
Like any of Mailman's Django apps, it will be packaged with an example_project with default configuration.
## Documentation
For site admins and users to use encrypted mailing lists responsibly, a fair amount of documentation is required, since misusing encrypted lists makes them ineffective.