sending automated GPG signed mails from batch job
Jan Eden
tech at eden.one
Tue May 21 07:20:10 UTC 2024
Hi Matthias,
On 2024-05-21 07:45, Matthias Apitz wrote:
> Hello,
>
> Our Library Management System sends mails to patrons and media vendors
> which are assembled in a shell script with all data (Subject, body, To,
> attachments, etc) by a call to the MUA mutt 2.1.1 which pipes the mail
> to sendmail:
>
> #!/bin/sh
> #
> # $Id: sisis2mail.sh 381380 2020-11-06 07:49:50Z apitzm $
> #
> # filter mails ensuring mails sent are RFC compliant
> # the mutt program (installed by sisis-pap) assists in that
> # usage: sisis2mail.sh [ --cat [ file ] |
> # --body-as-text |
> # --body-as-html |
> # --body-as-text-and-html |
> # --body-as-attachment |
> # --attach-file filename |
> # --inline-images dirname ] [ file]
> #
> # input may be a file or stdin
> # output goes to stdout
> ...
>
> How could we expand this for signing mails on the fly?
>
> Kevin, I saw your reply in
> http://lists.mutt.org/pipermail/mutt-users/Week-of-Mon-20210412/002737.html
> ...
> On Mon, Apr 12, 2021 at 09:50:59AM +0200, Tom wrote:
> >I am trying to use a GnuPG key without a passphrase to send *signed*
> >mails from a cron job for some non-critical, internal reporting.
> >Searching the archives did not give me the answer.
>
> Sorry, cryptographic operations are disabled in batch mode.
>
> I thought I had added a note to the manual about this, but I only see it
> in the "batch composition flow" section (in git). I'll add a note to
> the "encryption and signing" section too.
>
> --
> Kevin J. McCarthy
>
> Is this still the case, that cryptographic operations are disabled in
> batch mode? I could not locate it in the man pages of mutt and muttrc.
>
> What other options do we have outside of mutt on Linux?
This is what I do (in Python):
==================================================
import os
import datetime
import __main__ as main
import smtplib
from email.message import Message
from email.mime.multipart import MIMEMultipart
from email import charset
from email.utils import make_msgid
import keyring
import gnupg
import socket

smtp_server = 'mail.example.com'
smtp_user = 'mailuser@example.com'
port = 587
localhost = 'my.local.host'
# Keyring entry holding the passphrase of the signing key
pgp_entry = 'PGP-NoReply'
pgp_user = pgp_entry


def send_message(subject, body):
    now = datetime.datetime.now().strftime('%Y-%m-%d %H:%M:%S')
    subject = f'{os.path.basename(main.__file__)}: {subject}'
    body = f'{body}\n\n{now}'

    # First MIME part: the text to be signed, quoted-printable encoded
    base_charset = charset.Charset('utf-8')
    base_charset.body_encoding = charset.QP
    basemsg = Message()
    basemsg.set_payload(body, charset=base_charset)

    # Sign the part, headers included, with CRLF line endings
    gpg = gnupg.GPG(gpgbinary='/opt/homebrew/bin/gpg')
    basetext = basemsg.as_string().replace('\n', '\r\n')
    pgp_passphrase = keyring.get_password(pgp_entry, pgp_user)
    signature = str(gpg.sign(
        basetext,
        keyid='AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA',
        passphrase=pgp_passphrase,
        detach=True))
    # str() of a failed signing result is empty; do not send it as a signature
    if not signature:
        raise RuntimeError('GPG signing failed, message not sent')

    # Second MIME part: the detached signature
    signmsg = Message()
    signmsg['Content-Type'] = 'application/pgp-signature; name="signature.asc"'
    signmsg['Content-Description'] = 'OpenPGP digital signature'
    signmsg.set_payload(signature)

    # multipart/signed container holding both parts
    msg = MIMEMultipart(_subtype="signed", micalg="pgp-sha512",
                        protocol="application/pgp-signature")
    msg.attach(basemsg)
    msg.attach(signmsg)
    msg['From'] = 'Script Status <noreply@example.com>'
    msg['To'] = 'Admin <admin@example.com>'
    msg['Subject'] = subject
    msg['Message-ID'] = make_msgid(domain=localhost)

    smtp_password = keyring.get_password(smtp_server, smtp_user)
    print('Sending email message... ', end='')
    try:
        # The context manager closes the SMTP session when done
        with smtplib.SMTP(host=smtp_server, local_hostname=localhost,
                          port=port) as s:
            s.starttls()
            s.login(smtp_user, smtp_password)
            s.send_message(msg)
        print('sent.')
    except socket.gaierror:
        print('failed (no internet connection).')
    del msg
==================================================
- Jan
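
A pre-send check for the approach in the message above, as an added example that is not part of the original post: it compares the bytes handed to the signer with the bytes of the first MIME part as they will appear on the wire, which is what a recipient's verifier hashes. It also shows one case where the two differ: Python's default generator, which smtplib's send_message() uses, rewrites a body line beginning with "From " to ">From " after signing. The names build_signed, wire_bytes, signed_part_on_wire, signed_matches_wire and stub_sign are assumptions for this example, and stub_sign stands in for the real gpg.sign() call.

```python
import io
from email import charset, message_from_bytes
from email.generator import BytesGenerator
from email.message import Message
from email.mime.multipart import MIMEMultipart


def build_signed(body, sign):
    """Assemble multipart/signed as in the post; return (msg, bytes given to sign)."""
    cs = charset.Charset('utf-8')
    cs.body_encoding = charset.QP
    part = Message()
    part.set_payload(body, charset=cs)
    signed = part.as_string().replace('\n', '\r\n').encode('ascii')
    sig = Message()
    sig['Content-Type'] = 'application/pgp-signature; name="signature.asc"'
    sig.set_payload(sign(signed))
    msg = MIMEMultipart(_subtype='signed', micalg='pgp-sha512',
                        protocol='application/pgp-signature')
    msg.attach(part)
    msg.attach(sig)
    return msg, signed


def wire_bytes(msg):
    """Serialize the way smtplib's send_message() does: default generator, CRLF."""
    buf = io.BytesIO()
    BytesGenerator(buf).flatten(msg, linesep='\r\n')
    return buf.getvalue()


def signed_part_on_wire(wire):
    """First body part as a verifier sees it, minus the CRLF owned by the boundary."""
    boundary = message_from_bytes(wire).get_boundary().encode('ascii')
    start = wire.index(b'--' + boundary + b'\r\n') + len(boundary) + 4
    return wire[start:wire.index(b'\r\n--' + boundary, start)]


def signed_matches_wire(body, sign):
    """True when the signed bytes and the transmitted first part are identical."""
    msg, signed = build_signed(body, sign)
    return signed_part_on_wire(wire_bytes(msg)) == signed


def stub_sign(data):
    # Hypothetical stand-in for gpg.sign(..., detach=True); constructed text.
    return ('-----BEGIN PGP SIGNATURE-----\n(constructed placeholder)\n'
            '-----END PGP SIGNATURE-----')
```

Running signed_matches_wire() on each outgoing body before sending lets the job refuse or reword a message whose signature would fail at the recipient.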