mailsync with PKS

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
8 messages Options
Reply | Threaded
Open this post in threaded view
|

mailsync with PKS

Christoph Anton Mitterer-2
Hi list.

I just wondered about the current status of communication with the PKS
network.

Is this still done (in both directions).

It seems that keyserver.kjsl.com is down, isn't it?

And how would I configure an incomming mailsync?


Best wishes,
Chris.

_______________________________________________
Sks-devel mailing list
[hidden email]
http://lists.nongnu.org/mailman/listinfo/sks-devel

smime.p7s (6K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: mailsync with PKS

John Clizbe-3
Christoph Anton Mitterer wrote:
> Hi list.
>
> I just wondered about the current status of communication with the PKS
> network.
>
> Is this still done (in both directions).

I believe so. Don't see a lot of traffic on it though.

> It seems that keyserver.kjsl.com is down, isn't it?

Looks that way. Looks like it was last seen online 2008-12-10.

> And how would I configure an incomming mailsync?

http://web.archive.org/web/20041201134443/http://documentation.penguin.de/cgi-bin/twiki/view/SKSKeyserver/SKSInstallation#Setting_up_Connectivity_with_the


_______________________________________________
Sks-devel mailing list
[hidden email]
http://lists.nongnu.org/mailman/listinfo/sks-devel
Reply | Threaded
Open this post in threaded view
|

Re: mailsync with PKS

Andy Ruddock-2
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

John Clizbe wrote:

> Christoph Anton Mitterer wrote:
>> Hi list.
>>
>> I just wondered about the current status of communication with the PKS
>> network.
>>
>> Is this still done (in both directions).
>
> I believe so. Don't see a lot of traffic on it though.
>
>> It seems that keyserver.kjsl.com is down, isn't it?
>
> Looks that way. Looks like it was last seen online 2008-12-10.
>
>> And how would I configure an incomming mailsync?
>
> http://web.archive.org/web/20041201134443/http://documentation.penguin.de/cgi-bin/twiki/view/SKSKeyserver/SKSInstallation#Setting_up_Connectivity_with_the
>

The documentation on that site is useful, I've a couple of questions
regarding it.

1. On Debian/Ubuntu sks is installed to run as user debian-sks, is this
in any way linked to the address given as the from_addr?
I have the address [hidden email] as from_addr, would I add

debian-sks: keyserver
keyserver: "|/path/of/sks_add_mail /path/to/sks/directory"

to /etc/aliases, or would the second line on its own suffice?

2. The documentation shows the "procmail entry", where does this go?

Thanks for your help.

- --
Andy Ruddock
- ------------
[hidden email] (GPG Key ID 0xA622D452)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkmPI/kACgkQfSkWkaYi1FKUjQCeNN+3vAk0QsXIulKZqMf1YO6L
hyUAoIwq6eu/Z/ZkLQf45nLu7T7qdr27
=EQ9u
-----END PGP SIGNATURE-----


_______________________________________________
Sks-devel mailing list
[hidden email]
http://lists.nongnu.org/mailman/listinfo/sks-devel
Reply | Threaded
Open this post in threaded view
|

Re: mailsync with PKS

Andy Ruddock-2
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Andy Ruddock wrote:

> John Clizbe wrote:
>> Christoph Anton Mitterer wrote:
>>> Hi list.
>>>
>>> I just wondered about the current status of communication with the PKS
>>> network.
>>>
>>> Is this still done (in both directions).
>> I believe so. Don't see a lot of traffic on it though.
>
>>> It seems that keyserver.kjsl.com is down, isn't it?
>> Looks that way. Looks like it was last seen online 2008-12-10.
>
>>> And how would I configure an incomming mailsync?
>> http://web.archive.org/web/20041201134443/http://documentation.penguin.de/cgi-bin/twiki/view/SKSKeyserver/SKSInstallation#Setting_up_Connectivity_with_the
>
>
> The documentation on that site is useful, I've a couple of questions
> regarding it.
>
> 1. On Debian/Ubuntu sks is installed to run as user debian-sks, is this
> in any way linked to the address given as the from_addr?
> I have the address [hidden email] as from_addr, would I add
>
> debian-sks: keyserver
> keyserver: "|/path/of/sks_add_mail /path/to/sks/directory"
>
> to /etc/aliases, or would the second line on its own suffice?
>
> 2. The documentation shows the "procmail entry", where does this go?
>
> Thanks for your help.
>

Sorry to answer to myself, I believe the correct solution is to add

keyserver: debian-sks
debian-sks: "|/path/of/sks_add_mail /path/to/sks/directory"

to /etc/aliases

and add the "procmail entry" to a new file /var/lib/sks/.procmailrc

Please correct me if I'm wrong.

Is there a simple procedure to check whether or not this is setup and
working?

- --
Andy Ruddock
- ------------
[hidden email] (GPG Key ID 0xA622D452)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkmPJkwACgkQfSkWkaYi1FLVTwCfTQ7BN0bYoEDkduoCF4ady8zM
yooAoJQWIbuPtXjLkinVp3CcECafao0K
=axcQ
-----END PGP SIGNATURE-----


_______________________________________________
Sks-devel mailing list
[hidden email]
http://lists.nongnu.org/mailman/listinfo/sks-devel
Reply | Threaded
Open this post in threaded view
|

Re: mailsync with PKS

Jonathan Oxer-4
On Sun, 2009-02-08 at 19:37 +0100, Andy Ruddock wrote:

> Sorry to answer to myself, I believe the correct solution is to add
>
> keyserver: debian-sks
> debian-sks: "|/path/of/sks_add_mail /path/to/sks/directory"
>
> to /etc/aliases
>
> and add the "procmail entry" to a new file /var/lib/sks/.procmailrc

Although it's not clear from the archived documentation, I believe you
only need to add one or the other, not both. They're two different ways
to achieve the same end result.

The first approach is with the aliases file which allows you to specify
recipients of email at a system level. The entry you listed above will
send all email addressed to "debian-sks@yourhost" to the sks_add_mail
script directly, and the user doesn't even need to exist.

The second approach is with a procmail entry which is processed within
the context of the user, so it assumes the user exists and
the .procmailrc file is within their home directory (in your case it
seems the home directory for the "debian-sks" user is "/var/lib/sks": do
"grep debian-sks /etc/passwd" to check) and that procmail is installed
and being invoked by the MTA.

There's nothing wrong with doing both, but assuming that your MTA is
reading the aliases file properly your procmail file will never actually
be read because the mail will be redirected by the aliases file entry
first anyway, and the debian-sks user will never see it.

Cheers    :-)
--
Jonathan Oxer
Ph +61 4 3851 6600
Geek My Ride! <http://www.geekmyride.org/>

_______________________________________________
Sks-devel mailing list
[hidden email]
http://lists.nongnu.org/mailman/listinfo/sks-devel

signature.asc (196 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: mailsync with PKS

Christoph Anton Mitterer-2
On Mon, 2009-02-09 at 10:16 +1100, Jonathan Oxer wrote:
> The first approach is with the aliases file which allows you to specify
> recipients of email at a system level. The entry you listed above will
> send all email addressed to "debian-sks@yourhost" to the sks_add_mail
> script directly, and the user doesn't even need to exist.
Can there be problems here with the owner?
I mean must sks_add_mail be run as debian-sks? Because most files in the
DB and so on, are owned by this.

Any ideas?


Chris.

_______________________________________________
Sks-devel mailing list
[hidden email]
http://lists.nongnu.org/mailman/listinfo/sks-devel

smime.p7s (6K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: mailsync with PKS

Phil Pennock-17
On 2009-02-23 at 02:52 +0100, Christoph Anton Mitterer wrote:

> On Mon, 2009-02-09 at 10:16 +1100, Jonathan Oxer wrote:
> > The first approach is with the aliases file which allows you to specify
> > recipients of email at a system level. The entry you listed above will
> > send all email addressed to "debian-sks@yourhost" to the sks_add_mail
> > script directly, and the user doesn't even need to exist.
> Can there be problems here with the owner?
> I mean must sks_add_mail be run as debian-sks? Because most files in the
> DB and so on, are owned by this.
>
> Any ideas?
I use Exim as my MTA, which is also the MTA used by Debian.  I can tell
you how to configure Exim for use with SKS, but not how to do it in
Debian's setup.  Given that Debian's MTA setup is designed to allow
packages to provide mail-handling hooks, I'm slightly surprised that
installing the sks .deb didn't let you set this up in Exim with a
dpkg-reconfigure (of Exim) or whatever it is Debian uses.

I feed mail to [hidden email] into sks_add_mail; thus I use
this Router (Routers are an ordered list of handlers, first acceptor
wins):

sks_keysync:
  driver        = accept
  domains       = sks.spodhuis.org
  local_parts   = keysync
  transport     = sks_insert

and then in the Transports section (unordered collection of methods for
carrying out the delivery, referenced from Routers) I have:

sks_insert:
  driver = pipe
  command = /usr/local/bin/sks_add_mail /path/to/sks-dir
  user = sks
  current_directory = /path/to/sks-dir

You'll want to change the values of most of those options, but that's
the framework needed.

-Phil

_______________________________________________
Sks-devel mailing list
[hidden email]
http://lists.nongnu.org/mailman/listinfo/sks-devel

attachment0 (169 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: mailsync with PKS

John Marshall-2
In reply to this post by Christoph Anton Mitterer-2
On Mon, 23 Feb 2009, 02:52 +0100, Christoph Anton Mitterer wrote:
> On Mon, 2009-02-09 at 10:16 +1100, Jonathan Oxer wrote:
> > The first approach is with the aliases file which allows you to specify
> > recipients of email at a system level. The entry you listed above will
> > send all email addressed to "debian-sks@yourhost" to the sks_add_mail
> > script directly, and the user doesn't even need to exist.
> Can there be problems here with the owner?
> I mean must sks_add_mail be run as debian-sks? Because most files in the
> DB and so on, are owned by this.

I use sendmail as the MTA with the keyserver's SMTP address in the
aliases file, so that the message is piped to sks_add_mail.
sks_add_mail tries to write the message into a <path-to-sks>/messages
directory, where sks will find them up and process them.  In this case,
sks_add_mail runs in the context of the MTA.  To get it all to work, I
created the messages directory with mode 770 and set the group to match
the MTA's group (in my case, mailnull).

--
John Marshall

_______________________________________________
Sks-devel mailing list
[hidden email]
http://lists.nongnu.org/mailman/listinfo/sks-devel

attachment0 (203 bytes) Download Attachment