This document refers to Schleuder version 4.0. To read about older versions of Schleuder please see the older docs.
- Using a list
- Getting a list’s public key
- Special keywords
- Contact list-owner
Using a list
Everything you send to
foo@hostname will be send to all subscribers, but they will see only certain headers and the body of your email. The selection of these headers can be configured for each list individually by the list-admins.
Getting a list’s public key
Each Schleuder-list replies with its public key to any email sent to
foo-sendkey@hostname. E.g. to receive the key for our contact address write an email to
Schleuder knows some special keywords that trigger different behaviour. You can e.g. subscribe someone, or resend an email to a non-subscriber using keywords. See a list of available keywords below.
Keywords require that:
- they start the line and begin with “x-“,
- they are written into the beginning of the first text-part of the email (usually that’s just the normal body of the email),
- possible arguments must be written on the same line as the keyword (exceptions are mentioned in the descriptions below),
- the email must be encrypted and signed by a list-member’s key.
- the email must be formatted as a plain text message and not with HTML, RTF or similar formatting.
Keywords can be repeated within one email at will. Letter case doesn’t matter.
There are two types of keywords: those to enhance messages sent over the list (“list-keywords”), and those to request something from Schleuder (“request-keywords”).
To mitigate replay attacks of emails containing keywords, every email using a keyword must contain the special
x-list-name keyword followed by the list’s emailaddress. Example:
- x-list-name: firstname.lastname@example.org
- You must always provide this keyword once per email. Without it, no other keyword will be considered but you will receive an error message.
Subscription and key management
The following keywords must be send to the request address of the list:
x-list-name: foo@hostname with every command you send.
- Import the email’s attachment(s) or the rest of the email-body into the list’s keyring. To paste your public key into the body of the mail, please export it in “ASCII-armored” text format (e.g.
gpg --armor --export 0xAE0DBF5A92A5ADE49481AB6F8A3171EF366150CE). If you send the key as an attachment of the email, both “ASCII-armored” and binary format are supported.
- x-set-fingerprint: 0x12345678DEADBEEF12345678DEADBEEF12345678
- Assign the key with the given fingerprint to your subscription. It is not possible to set an empty fingerprint. To unset your fingerprint use
- x-unset-fingerprint: email@example.com
- Remove the fingerprint associated with your subscription.
Example: Update your key of a list subscription
All commands to switch to a new key must be signed with the current old key.
1. Submit the new key to the keyring of the list
x-list-name: foo@hostname x-add-key -----BEGIN PGP PUBLIC KEY BLOCK----- ASak6ezpIZkSZ/ql7UOiOIxi7dAWg4YwFB+yrkN+aUi9Io+No1Y0Rjz+/pUIvGx7 KbyhUQjE6wvGJKDqWyLQVoyB+R0ZV3k6lQFqa7TETXCoGuU8CRM4XcynU7MNgGFQ ... mDMEXuYDuxYJKwYBBAHaRw8BAQdAqP98Ao= =32SG -----END PGP PUBLIC KEY BLOCK-----
A successful answer should look something like this:
This key was newly added: 0x12345678DEADBEEF12345678DEADBEEF12345678 firstname.lastname@example.org 2019-05-23 [expires: 2023-05-23]
2. Verify that the uploaded key made it into the keyring
x-list-name: foo@hostname x-list-keys
The answer will be a list of all keys in the keyring of the list. Make sure, your new key is in the keyring now.
3. Change your subscription to use the new key
x-list-name: foo@hostname x-set-fingerprint: 0x12345678DEADBEEF12345678DEADBEEF12345678
A successful answer should look something like this:
Fingerprint for email@example.com set to 12345678DEADBEEF12345678DEADBEEF12345678.
From now on, all mails will be encrypted to the new key and all your mails must be signed with this key.
One caveat: Disabled commands
To further improve security and confidentiality, list-admins can manually disable certain commands
x-add-key for mere subscribers of the list. With these commands disabled for you,
you have to rely on the list-admin to handle key management.
The resending-keywords must be included in messages sent to the normal list-address:
- Attachs the public key of the list. Probably most useful in combination with x-resend.
- x-resend: firstname.lastname@example.org
- Send the message to the given address, encrypted if possible, otherwise in the clear.
- x-resend-encrypted-only: email@example.com
- Send the message to the given address only if it could be encrypted. Can be abbreviated to
- x-resend-unencrypted: firstname.lastname@example.org
- Send the message to the given address without encrypting it. You can use this keyword to make schleuder skip looking for a matching key for this address and enforce sending the email out in the clear.
- x-resend-cc: email@example.com firstname.lastname@example.org
- Send one message to all of the given addresses in Cc, so they get to know of each other (encrypted if possible, otherwise in the clear).
- x-resend-cc-encrypted-only: email@example.com firstname.lastname@example.org
- Send one message to all of the given addresses in Cc, so they get to know of each other, only if it could be encrypted to all of those addresses. Can be abbreviated to
- x-resend-cc-unencrypted: email@example.com firstname.lastname@example.org
- Send one unencrypted message to all of the given addresses in Cc, so they get to know of each other. We skip looking for any key and will just send out the email in the clear.
foo-owner@hostname to contact the list-owner(s) even if you don’t know who they are. Use the list’s key to encrypt the email!