gpgit is a mail filter that encrypts an email with a public key in the user's GnuPG keyring.


It partially solves the problem that no one wants to use PGP encryption. The email is still in the clear while in transit, but it gets encrypted before it touches your mail server's hard drive. That means mail is still vulnerable to network capture (unless TLS is used) and to logging on the intermediate SMTP servers, but not vulnerable to authorities randomly seizing your server, National Security Letters on your email provider, or other crazy stuff like that.

Note that PGP does not encrypt email headers. This includes the To/From/CC fields, the subject line, the date, and possibly other metadata such as the sender's IP address and the name of his/her email client. This metadata alone can say a lot about you, who you talk to, how much, how frequently, and even the topic of the conversations since the subject line is not encrypted. Automated email from websites also give out information such as the websites you visit, what you do on them (guessable from the subject line), how active you are on them (more email volume from an entity generally means you interact more actively with it), etc. Under US jurisdiction, this information can be obtained without a warrant (and it probably has already been obtained), without the service provider having to tell you about it.


gpgit simply reads an email from stdin, encrypts it with the key given as first argument (unless the email is already encrypted), and writes out the result to stdout. That's almost all there is to it; some other arguments are available. Run gpgit without arguments for details.

You need some Perl modules for this to work:

There are multiple ways to use this in your email system: With Exim: Automatically Encrypting all Incoming Email with Exim With Dovecot: Encrypt specific incoming emails using Dovecot and Sieve


encmaildir.sh is a little bonus script to encrypt an existing email directory, taking care of file permissions and ownership and Dovecot indexes and everything.

Only unencrypted emails will be modified. Run encmaildir.sh without arguments for usage information.