snoj/haraka-secwrap

Dead drop

snoj commented

Proposal: Allow for pre-encrypted messages to be passed between servers/clients.

Proposed flow

  1. Sender encrypts message with the recipient's public key and then again with their own private key.
  2. Sender transmits message to secwrap server using certificate fingerprints as the username portions of mail_from and rcpt_to email addresses.
  3. Secwrap accepts or rejects the message based on user rules (e.g. only accept mail from known public keys).
  4. If message is accepted and the sender is unknown, follow storage/forward rules.
  5. If message is accepted and public key of the sender is known, verify the message can be decrypted. Follow the storage/forward rules if message can be decrypted.

Probably needs:

  • New SMTP commands (e.g. replacement for DATA) or new DATA handler.
  • New REST hook(s) for handling fingerprint addresses
  • New recipient profile settings (e.g. allowUnknownSenders)
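
The accept/reject decision in steps 3 to 5 of the proposed flow, sketched as an added example that is not part of the original issue or of secwrap's code. Assumptions: fingerprints are SHA-256 values written as 64 hex characters in the address local part, the profile shape and the function names are hypothetical, `canDecrypt` stands in for the step 5 decryption check, and a failed check is treated as a rejection (the issue does not say what happens in that case).

```javascript
// Added example: every name here is hypothetical, not secwrap's API.
// Assumption: local part = SHA-256 fingerprint, 64 hex chars, colons optional.
const FP_RE = /^[0-9a-f]{64}$/;

// Extract and normalize the fingerprint from "fingerprint@domain".
function fingerprintFromAddress(address) {
  const at = address.lastIndexOf('@');
  if (at <= 0) return null;
  const local = address.slice(0, at).replace(/:/g, '').toLowerCase();
  return FP_RE.test(local) ? local : null;
}

// profiles: Map<recipientFp, { allowUnknownSenders, knownSenders: Set<fp> }>
// canDecrypt(senderFp): placeholder for "verify the message can be decrypted".
// action 'store' means "follow the storage/forward rules".
function decide(mailFrom, rcptTo, profiles, canDecrypt) {
  const sender = fingerprintFromAddress(mailFrom);
  const rcpt = fingerprintFromAddress(rcptTo);
  if (!sender || !rcpt) {
    return { action: 'reject', reason: 'address is not a fingerprint' };
  }
  const profile = profiles.get(rcpt);
  if (!profile) return { action: 'reject', reason: 'unknown recipient' };

  if (!profile.knownSenders.has(sender)) {
    // Step 4: no public key on file, so nothing can be verified here;
    // the recipient's allowUnknownSenders setting alone decides.
    return profile.allowUnknownSenders
      ? { action: 'store', reason: 'unknown sender allowed, unverified' }
      : { action: 'reject', reason: 'unknown sender' };
  }
  // Step 5: known sender, so the outer layer must check out with their key.
  return canDecrypt(sender)
    ? { action: 'store', reason: 'known sender verified' }
    : { action: 'reject', reason: 'decryption check failed' };
}

// Constructed sample data (not real fingerprints).
const ALICE = 'a'.repeat(64);
const BOB = 'b'.repeat(64);
const MALLORY = 'c'.repeat(64);
const sampleProfiles = new Map([
  [BOB, { allowUnknownSenders: false, knownSenders: new Set([ALICE]) }],
]);
```

Because an unknown sender's message is stored without any verification, `allowUnknownSenders` is the only control on that path and is worth defaulting to off.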