schleuder(8) a groups email gateway

SYNOPSIS

schleuder [-c baseconfig] listaddress < email
schleuder [-c baseconfig] -test [listaddress]

DESCRIPTION

Schleuder is a groups email gateway: subscribers can communicate encrypted (and pseudonymously) among themselves, receive emails from non-subscribers and send emails to non-subscribers via the list.

Schleuder takes care of all decryption and encryption, stripping of headers, format conversions, etc. Schleuder can also send out its own public key upon request and process administrative commands received by email.

Email cryptography is handled by using GnuPG. Schleuder understands all common encapsulation formats: inline, multipart/encrypted and multipart/signed.

schleuder(8) is usually called in delivery mode by a Mail Transport Agent with an incoming email piped to its standard input. For more informations on how to integrate Schleuder with your existing mail setup, please look at the Schleuder website: http://schleuder.nadir.org/

schleuder-newlist(8) automates the creation of new mailing lists.

AUTOMATIC SENDING OF LIST PUBLIC KEY

To receive the public key of the mailing list anybody can send an email to the special list address which includes -sendkey as a postfix: 
[email protected]

Schleuder will reply with the public key of the list without forwarding the request to the list-members.

EMAIL COMMANDS

Schleuder provides some special commands for advanced features to be used by list-members. Generally they are called by keywords written into the first non-blank line of an email. Schleuder scans for those keywords in every incoming email that is encrypted and validly signed by a list-admin or --- if allowed by the list's configuration --- a list-member.

Administrative commands (membership and key management) must be sent to the request-address or the list, which includes -request as a postfix: 

[email protected]

Communicative commands (resending) must be sent to the normal list-address.

Membership management

Resending is a list-command, that means it is only allowed in emails sent over the mailing list.
To receive the list of members send:
X-LIST-MEMBERS
You will receive a list of list-admins and list-members, and their public keys (or the lack thereof).
To see details on one list-member, including his/her public key:
X-GET-MEMBER: [email protected]

To unsubscribe from the mailing-list:
X-UNSUBSCRIBE
This will remove the member associated with the sender's signing key.
To add a member:
X-ADD-MEMBER: [email protected] mime
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.9 (GNU/Linux)
mQGiBEjVO7oRBADQvT6wtD2IzzIiK0NbrcilCKCp4MWb8cYXTXguwPQI6y0Nerz4
dsK6J0X1Vgeo02tqA4xd3EDK8rdqL2yZfl/2egH8+85R3gDk+kqkfEp4pwCgp6VO
[...]
pNlF/qkaWwRb048h+iMrW21EkouLKTDPFkdFbapV2X5KJZIcfhO1zEbwc1ZKF3Ju
Q9X5GRmY62hz9SCZnsC0jeYAni8OUQV9NXfXlS/vePBUnOL08NQB
=xTv3
-----END PGP PUBLIC KEY BLOCK-----
mime could also be plain (for receiving inline-encapsulated messages) or be skipped (then the list's default setting is used).
The public key block is also optional.
To delete a member from the list:
X-DELETE-MEMBER:  [email protected]
Please note that this doesn't delete any public keys.

Key management

To receive the list of public keys known to the list:
X-LIST-KEYS

To receive a certain public key known to the list:
X-GET-KEY: [email protected]
You can also specify a KeyID, or parts of it, as long as it identifies the key distinctly.
To add a public key to the list:
X-ADD-KEY:
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.9 (GNU/Linux)
mQGiBEjVO7oRBADQvT6wtD2IzzIiK0NbrcilCKCp4MWb8cYXTXguwPQI6y0Nerz4
dsK6J0X1Vgeo02tqA4xd3EDK8rdqL2yZfl/2egH8+85R3gDk+kqkfEp4pwCgp6VO
[...]
pNlF/qkaWwRb048h+iMrW21EkouLKTDPFkdFbapV2X5KJZIcfhO1zEbwc1ZKF3Ju
Q9X5GRmY62hz9SCZnsC0jeYAni8OUQV9NXfXlS/vePBUnOL08NQB
=xTv3
-----END PGP PUBLIC KEY BLOCK-----

To delete a key from the list's keyring:
X-DELETE-KEY: 0xDEADBEEF
You can also specify an email address, as long as it identifies the key distinctly.

Resending

Resending is a list-command, that means it is only allowed in emails sent over the mailing list.
To send out an email to an external recipient (encrypted if possible, otherwise in the clear):
X-RESEND: [email protected]

Or to send it only if encryption is available:
X-RESEND-ENCRYPTED-ONLY: [email protected]

To specify multiple recipients separate the addresses with spaces or specify the command multiple times:
X-RESEND: [email protected] [email protected]
or 
X-RESEND: [email protected]
X-RESEND: [email protected]
With the first format don't let your Mail User Agent break long lines!

Misc.

To know which version of Schleuder is installed: X-GET-VERSION

OPTIONS

-c path-to-schleuder-configuration
Specify an alternate configuration directory than the default /etc/schleuder.
-test
Instead of processing an incoming email, specifying this flag will make Schleuder verify that the setup and basic settings are in a workable state.
-h
Display usage and exit.

EXIT STATUS

0
Incoming email was processed without errors.
Configuration is correct in test mode.
1
Internal failure in incoming email processing.
Bad configuration in test mode.
100
Unable to decrypt the received message.
Unable to verify the signature when configured to only accept signed messages.
Message is cleartext when only encrypted messages are allowed.
Message is not authenticated as coming from a list-member when authentication is required.

FILES

/etc/schleuder/schleuder.conf: global Schleuder configuration
/etc/schleuder/default-list.conf: default list settings
/var/schleuderlists/LISTNAME/list.conf: list settings
/var/schleuderlists/LISTNAME/members.conf: list susbcribers.
Each member must have the email-attribute set. All other attributes are optional.
The following attributes are available:
mime: defines the 'pgp-variant' to send to the member, possible values are MIME (for pgp/mime-formatted mail according to RFC 3156), and PLAIN (for inline-pgp). The fallback-default for this is defined in the list.conf.
encrypted_only: schleuder tries to encrypt every outgoing email. If that is not possible under some conditions it sends the email unecrypted. If this attribute is set the member will never receive unencrypted emails; the member will be skipped if encrypting is not possible.
Example: 
- email: [email protected]
- email: [email protected]
  mime: PLAIN
- email: [email protected]
  encrypted_only: true

/var/schleuderlists/HOSTNAME/LISTNAME: list internal data
/var/log/schleuder: Schleuder logs directory

All configuration files are formatted as YAML. See http://www.yaml.org/ for more details.

BUGS

Known bugs are listed on the Schleuder bugtracker at https://git.codecoop.org/projects/schleuder

SEE ALSO

LAST SEARCHED