Documentation for subscribers

This document refers to Schleuder version 4.0. To read about older versions of Schleuder please see the older docs.

Using a list

Everything you send to foo@hostname will be send to all subscribers, but they will see only certain headers and the body of your email. The selection of these headers can be configured for each list individually by the list-admins.

Getting a list’s public key

Each Schleuder-list replies with its public key to any email sent to foo-sendkey@hostname. E.g. to receive the key for our contact address write an email to team-sendkey@schleuder.org.

Special keywords

Schleuder knows some special keywords that trigger different behaviour. You can e.g. subscribe someone, or resend an email to a non-subscriber using keywords. See a list of available keywords below.

Keywords require that:

  • they start the line and begin with “x-“,
  • they are written into the beginning of the first text-part of the email (usually that’s just the normal body of the email),
  • possible arguments must be written on the same line as the keyword (exceptions are mentioned in the descriptions below),
  • the email must be encrypted and signed by a list-member’s key.
  • the email must be formatted as a plain text message and not with HTML, RTF or similar formatting.

Keywords can be repeated within one email at will. Letter case doesn’t matter.

There are two types of keywords: those to enhance messages sent over the list (“list-keywords”), and those to request something from Schleuder (“request-keywords”).

Security

To mitigate replay attacks of emails containing keywords, every email using a keyword must contain the special x-list-name keyword followed by the list’s emailaddress. Example:

x-list-name: someone@example.org
You must always provide this keyword once per email. Without it, no other keyword will be considered but you will receive an error message.

 

Subscription and key management

The following keywords must be send to the request address of the list: foo-request@hostname.
Include x-list-name: foo@hostname with every command you send.

x-add-key:
Import the email’s attachment(s) or the rest of the email-body into the list’s keyring. To paste your public key into the body of the mail, please export it in “ASCII-armored” text format (e.g. gpg --armor --export 0xAE0DBF5A92A5ADE49481AB6F8A3171EF366150CE). If you send the key as an attachment of the email, both “ASCII-armored” and binary format are supported.
x-set-fingerprint: 0x12345678DEADBEEF12345678DEADBEEF12345678
Assign the key with the given fingerprint to your subscription. It is not possible to set an empty fingerprint. To unset your fingerprint use x-unset-fingerprint.
x-unset-fingerprint: person@example.org
Remove the fingerprint associated with your subscription.

 

Example: Update your key of a list subscription

All commands to switch to a new key must be signed with the current old key.

1. Submit the new key to the keyring of the list
x-list-name: foo@hostname
x-add-key

-----BEGIN PGP PUBLIC KEY BLOCK-----

ASak6ezpIZkSZ/ql7UOiOIxi7dAWg4YwFB+yrkN+aUi9Io+No1Y0Rjz+/pUIvGx7
KbyhUQjE6wvGJKDqWyLQVoyB+R0ZV3k6lQFqa7TETXCoGuU8CRM4XcynU7MNgGFQ
...
mDMEXuYDuxYJKwYBBAHaRw8BAQdAqP98Ao=
=32SG
-----END PGP PUBLIC KEY BLOCK-----

A successful answer should look something like this:

This key was newly added: 0x12345678DEADBEEF12345678DEADBEEF12345678 youraccount@yourmail.net 2019-05-23 [expires: 2023-05-23]

2. Verify that the uploaded key made it into the keyring
x-list-name: foo@hostname
x-list-keys

The answer will be a list of all keys in the keyring of the list. Make sure, your new key is in the keyring now.

3. Change your subscription to use the new key
x-list-name: foo@hostname
x-set-fingerprint: 0x12345678DEADBEEF12345678DEADBEEF12345678

A successful answer should look something like this:

Fingerprint for youraccount@yourmail.net set to 12345678DEADBEEF12345678DEADBEEF12345678.

From now on, all mails will be encrpyted to the new key and all your mails must be signed with this key.

One caveat: Disabled commands

To further improve security and confidentiality, list-admins can manually disable certain commands like x-add-key for mere subscribers of the list. With these commands disabled for you, you have to rely on the list-admin to handle key management.

 

Resending

The resending-keywords must be included in messages sent to the normal list-address: foo@hostname.

x-attach-listkey:
Attachs the public key of the list. Probably most useful in combination with x-resend.
x-resend: someone@example.org
Send the message to the given address, encrypted if possible, otherwise in the clear.
x-resend-encrypted-only: someone@example.org
Send the message to the given address only if it could be encrypted. Can be abbreviated to x-resend-enc.
x-resend-unencrypted: someone@example.org
Send the message to the given address without encrypting it. You can use this keyword to make schleuder skip looking for a matching key for this address and enforce sending the email out in the clear.
x-resend-cc: someone@example.org anotherperson@example.org
Send one message to all of the given addresses in Cc, so they get to know of each other (encrypted if possible, otherwise in the clear).
x-resend-cc-encrypted-only: someone@example.org
Send one message to all of the given addresses in Cc, so they get to know of each other, only if it could be encrypted to all of those addresses. Can be abbreviated to x-resend-cc-enc.
x-resend-cc-unencrypted: someone@example.org
Send one unencrypted message to all of the given addresses in Cc, so they get to know of each other. We skip looking for any key and will just send out the email in the clear.

Contact list-owner

Write to foo-owner@hostname to contact the list-owner(s) even if you don’t know who they are. Use the list’s key to encrypt the email!

To participate in the development use the issue tracker. Please take note of our Code of Conduct.