Encryption of outgoing mails


Inspired by zeyple, the SMTP server used to send notifications from the forum, icinga, wazuh, mattermost, nextcloud, etc. can now encrypt outgoing mails if the recepient GPG public key is known. Here is an example:

  • Add the following to ~/.enough/enough.community/inventory/host_vars/postfix-host/gpg.yml:

      - "{{ '~/.enough/enough.community/gpg/*.asc' | expanduser }}"
  • Add GPG public keys in the directory:

    gpg --export --armor loic@dachary.org > ~/.enough/enough.community/gpg/loic@dachary.org.asc
  • Run the playbook:

    $ enough --domain enough.community playbook
    TASK [postfix_encrypt : Copy GPG keys to the host] *****************************
    changed: [postfix-host] => (item=~/.enough/enough.community/gpg/loic@dachary.org.asc)

Assuming the forum is in mailing list mode, the next notification will be encrypted, as shown in this Thunderbird screenshot: