email filtering with GPG

[Michael W. Oliver]

Hi list,

I have a question about a particular MTA, not FreeBSD specifically, but
since you are a bunch of service provider folk I figured I would ask.
Here is my situation.  I am using Postfix as my MTA, and would like to
drastically cut the amount of email that my users see.  I am already
doing blacklist filtering and lots of other stuff in
"smtpd_recipient_restrictions" in main.cf, but it isn't enough.

What I would like to do is kill any email that doesn't have a valid
PGP/GPG signature, but I am not sure that Postfix is the right place to
do this.  Right now, all mail is delivered to ~/Maildir for each user by
maildrop, and they pick up their mail via IMAPS (Dovecot).  At first I
was thinking about some sort of filter for Postfix that would check for
a signature and then reject the message if the signature check failed.
However, the more I think about it, the more I am inclined to use
maildrop's xfilter mechanism to do the signature checking to keep the
load off of Postfix.  The reality is that I am not sure which is why I
am asking you.

Am I crazy?  Can you think of better ways to do strict signature
checking in this environment, either with Postfix, maildrop, or
something else I am not currently using?

I thank you for your time and consideration.

-- 
Mike Oliver, KI4OFU
[see complete headers for contact information]
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-isp/attachments/20060629/7ef2d431/attachment.pgp