The Secure List Server: an OpenPGP & S/MIME aware Mailman (Cernko, Patrick; Endner-Dühr, Frederic; Herrmann, Jörg)

The Secure List Server Project developed a patch for the Mailman Mailinglist server that enabled it to handle PGP and S/MIME signed resp. encrypted mails. This patch includes:

• Signature verification for incoming mails
• Decryption of incoming encrypted mails
• Encryption and Signing of outgoing mails

While deploying the software on our server, I recognized, that it only had limited support for S/MIME encryption. In order to improve this, we extended the patch with:

• Complete S/MIME support
• WebUI for uploading list's certificate and key for list admins
• WebUI for members to upload their certificate
• Fixed handling of MIME messages
• Using system's trusted CAs instead of single CA
• Eleminated anonymize list workaround by replacing From: mail address with list's address when encrypting
• several bugfixes and overall code review

The updated patch, based on the original one can be found here:

• mailman-2.1.15-pgpsmime+mpi.diff