Is this a good way to send a signed email message? It seems to me that a public key is a little too large to send as a email header. Should I be including the signature and key as a header field, or should I be sending it within the message body?
What are some ways that I could improve this script to make its usage more practical for sending email?
import smtplib
from email.MIMEMultipart import MIMEMultipart
from email.MIMEText import MIMEText
from Crypto.Signature import PKCS1_v1_5
from Crypto.Hash import SHA256
from Crypto.PublicKey import RSA
FROMADDR = "[email protected]"
TOADDRS = ["[email protected]"]
LOGIN = ""
PASSWORD = ""
body = "hello world"
key = RSA.importKey(open('/mnt/external_sd/keys/private.asc').read())
h = SHA256.new(body)
signer = PKCS1_v1_5.new(key)
signature = signer.sign(h).encode("base64")
msg = MIMEMultipart()
msg["X-signature"]=signature
msg["X-public-key"]=open("/mnt/external_sd/keys/public.asc").read().encode("base64")
msg['From'] = "[email protected]"
msg['To'] = "[email protected]"
msg['Subject'] = 'sign test'
msg.attach(MIMEText(body, 'plain'))
server = smtplib.SMTP_SSL('smtp.example.net', 465)
server.set_debuglevel(1)
server.ehlo()
server.login(LOGIN, PASSWORD)
server.sendmail(FROMADDR, TOADDRS, msg.as_string())
server.quit()
/mnt/external_sd/...and I can't connect to the SMTP server atsmtp.example.net. We only review working code here, so I have voted to close. – Gareth Rees Jan 5 at 12:48def send_mail(server, port): ...with the last 6 lines, never called, and something similar for the private key, your complaint would not apply. However the question seems to be either a question about how email works, or about how to structure the code that hasn't been written yet. So I agree that it is off-topic. – Michael Urman Jan 5 at 17:04