Right now, it only collects keys that are on the key servers, although it would be easy to look for finger near pgp, and extract keys there. I haven't written that code because I think that finger for pgp key is philosophically wrong. Anyone (behind firewalls, over UUCP links) can use this code just as well as someone on a T3.
I've been thinking of adding an http mode that uses netcat to grab keys, but it's a lot of complexity, and since I'm sorting mail into boxes anyway, I've found that the email retrieval is fast enough to get keys before I get to see most messages.
:0
* From bal@swissnet.ai.mit.edu
{
:0 h
* >10000
/dev/null
:0 h
*^Subject:.*no keys match
/dev/null
# This doesn't belong here. It's for when I send in a key, but
# it protects the next rule from barfing.
:0:
*Subject: Your command, ADD
$DEFAULT
:0E
| pgp +batchmode -fka
}
# auto key retrieval
:0BW
* -----BEGIN PGP
*!^FROM_DAEMON
KEYID=|/home/adam/bin/sender_unknown
#
# I have an elm alias, pgp, that points to a keyserver.
# The logfile gets unset briefly to keep the elm lines out of my
# logfile.
# The X-Loop header tested below must be the one formail adds.
:0 ahc # added h 8 jan 95
* ! ^X-Loop: Adams akr
| formail -a"X-Loop: Adams akr" |elm -s"mget $KEYID" pgp
This line could replace the elm line above, but I haven't tested it.
nc is netcat. Ask your vendor why it's not included, and get it
yourself. FTP netcat
| echo "GET /pks/lookup?op=get&exact=on&search=$KEYID" | nc big-screw.mit.edu 11371
#!/bin/sh
# sender_unknown returns a keyid, exits 1 if the key is known
# $OUTPUT is to get the exit status. Otherwise, this would be a one
# liner.
OUTPUT=`pgp -f +VERBOSE=0 +batchmode -o /dev/null`
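# Discard the match explicitly: not every egrep treats -s as "silent",
# and a printed match would end up in KEYID.
echo $OUTPUT | egrep -s 'not found in file' > /dev/null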
EV=$?
if [ $EV -eq 0 ]; then
echo $OUTPUT | awk '{print $6}'
fi
exit $EV
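
Since $KEYID is taken from pgp's report on a message from an arbitrary sender and then expanded into the elm subject and the nc request, sender_unknown can check that the sixth field really is a key ID before printing it. The following is an added example, not part of the original script; the function names, the 8-hex-digit rule and the sample pgp output are assumptions made for illustration.

```sh
#!/bin/sh
# Added example, not the original sender_unknown: check that the value
# handed to procmail as $KEYID really looks like a key ID.
LC_ALL=C; export LC_ALL    # make the [0-9A-Fa-f] ranges byte-wise

# extract_keyid TEXT
# Prints field 6 and returns 0 only when TEXT reports an unknown key and
# the field is 8 hex digits, optionally prefixed with 0x (assumed format).
# Returns 1 if the key is known, 2 if the field is not a key ID.
extract_keyid() {
    # Join lines without the unquoted echo, so "*" in TEXT cannot glob.
    flat=$(printf '%s' "$1" | tr '\n' ' ')
    case $flat in
        *"not found in file"*) ;;
        *) return 1 ;;
    esac
    id=$(printf '%s\n' "$flat" | awk '{print $6}')
    case $id in
        0x????????) hex=${id#0x} ;;
        ????????)   hex=$id ;;
        *) return 2 ;;
    esac
    case $hex in
        *[!0-9A-Fa-f]*) return 2 ;;
    esac
    printf '%s\n' "$id"
}

# lookup_request KEYID: request line used by the untested nc variant.
lookup_request() {
    printf 'GET /pks/lookup?op=get&exact=on&search=%s\n' "$1"
}

# Constructed samples of pgp's report: one plausible, one where field 6
# carries a shell metacharacter instead of hex.
GOOD="Key matching expected Key ID 0A1B2C3D not found in file 'pubring.pgp'."
BAD='Key matching expected Key ID AB12;CD3 not found in file'

if keyid=$(extract_keyid "$GOOD"); then lookup_request "$keyid"; fi
extract_keyid "$BAD" || echo "rejected, status $?"
```

In the real script the argument to extract_keyid would be the captured $OUTPUT, and the function's return status would be passed to exit so the procmail "a" flag still skips the retrieval recipe.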