Future of CTM

jvarner at gmail.com jvarner at gmail.com
Sat Sep 5 18:57:16 UTC 2015

(apologies for not replying to previous emails; just subscribed to
the list...)
Peter Wemm wrote:

> I have been trying to find an example of somebody who is actually
> verifying signatures before piping the messages to ctm_rmail.

I am such an example.  The following recipe is the one I use (I
use nmh, so for most people the pipe to rcvstore should be
replaced with a simple mailbox or maildir delivery):

* ^X-BeenThere: ctm-ports-cur at freebsd.org

        :0 c: ${MAILDIR}/ctm-ports.${LOCKEXT}
        | rcvstore +ctm-ports -nounseen

        :0 c
        | gpg --no-default-keyring --keyring ${PMDIR}/ctm.key --verify

        :0 a
        | ctm_rmail -p ${HOME}/ctms/ports/pieces -d ${HOME}/ctms/ports/deltas -l ${PMDIR}/ctm.log

Where ctm.key was produced by importing and exporting the ascii
armored key from the mailman info page.  I did check to confirm
that modifying a signed CTM message will prevent ctm_rmail from
running (gpg exits with an status of 2, which prevents the 'a'
recipe from running).  I did not check to confirm that a
mis-signed message would not verify, but my presumption is that
the combination of --no-default-keyring and --keyring should
prevent that verification from working since the only key in the
specified keyring is the CTM signing key.

More information about the ctm-users mailing list