Author

Topic: VPS script for GPG & Gmail (Read 699 times)

hero member
Activity: 900
Merit: 1000
Crypto Geek
January 16, 2013, 06:43:44 PM
#2
Code:
#!/usr/bin/env python
import imaplib, os, sys, re, time, email, random, string

username=''
password=''

srv = imaplib.IMAP4_SSL('imap.gmail.com', 993)
srv.login(username, password)
status, count = srv.select('[Google Mail]/Drafts')
for mailNum in count:
        if (mailNum == '0'):
                print "No matching emails found"
                break

        typ, msgData = srv.fetch(mailNum, '(RFC822)')
        for response_part in msgData:
                if isinstance(response_part, tuple):
                        msg = email.message_from_string(response_part[1])
                        payload = msg.get_payload()
                        subject = msg['subject']
                        toLine = msg['to']
                        fromLine = msg['from']

        regex = re.compile('.*\*\*SIGN\*\*')
        m = regex.match(subject)

        if not m:
                print "Message \"%s\" does not match our search" % (subject)
                continue
        else:
                print "Message \"%s\" matches our search" % (subject)

        randStr = ''.join(random.choice(string.ascii_uppercase) for x in range(4))
        plainFileName = '/tmp/imap-signer-'+randStr
        msgFile = open(plainFileName,'w')
        msgFile.write(payload)
        msgFile.close()
        os.system('gpg --clearsign ' + plainFileName)
        os.remove(plainFileName)

        gpgFH = open(plainFileName+'.asc', 'r')
        newPayload = gpgFH.read()
        os.remove(msgFile.name+'.asc')

        newEmail = email.message.Message()
        newEmail['Subject'] = subject[0:subject.find('**SIGN**')]+'**SIGNED**'
        newEmail['From'] = fromLine
        newEmail['To'] = toLine
        newEmail.set_payload(newPayload+'\n')

        srv.store(mailNum, '+FLAGS', r'(\Deleted)')
        srv.append('[Google Mail]/Drafts', '',
imaplib.Time2Internaldate(time.time()), str(newEmail))

srv.close()
srv.logout()
hero member
Activity: 900
Merit: 1000
Crypto Geek
January 16, 2013, 06:36:26 PM
#1

 Now FireGPG is dead if you want to quickly verify a message and sender easily you will need to use Crome-cr or get copy and pasting.

It would be much more portable to have a VPS (or home server or Raspberry Pi) checking your drafts folder every 10 seconds for trigger commands such as **SIGN** or just scanning your inbox for .asc attachments, verifying and then labelling as such.

 I tried to do this before but I've lost the code.

  Good idea?

  I know a lot of Bitcoin users use GPG both for emails on important things and also for #Bitcoin-otc. It would be useful to have a portable interface for this - no more risking carrying around your private key on USB and you can access gmail via 2 factor auth so this would be really handy. You are then only risking your comms with USA big corp and quangos (Google, FBI, NSA) and the private key is still on your server so that should be enough for a lot of people.

 So, what would be the tool to start with that can be easily scripted for checking email servers?

 I would love to see a script pasted into here eventually. Perhaps the first goal should be checking the inbox for .asc attachments
Jump to: