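#!/bin/csh -f
#
#  pgp-receive
#
#  The idea is to have an email address like "vac+pgp" that causes
#  this script to be run, which decrypts the mail and then sends it
#  to your normal address (vac in my case).
#
#  This lets you receive encrypted mail on a Unix machine without
#  having to do anything extra.  It will work with any Unix machine
#  that supports .maildelivery files (any mail reader).  It
#  could even be used to forward mail to non-Unix machines if you
#  thought you were on a reasonably secure net.  The entry in the
#  .maildelivery file should be something like:
#
#     Addr vac+pgp pipe ? /usr/vac/pgp/pgp-receive
#
#  Since this has the PGP passphrase in this script, it is only
#  as safe as your system is.  A Unix machine on the net, with
#  other users, and backups done over the net in cleartext, etc.,
#  is not top security.  Anyone who can read this file (directly or
#  from a backup) has the passphrase, so keep it readable by its
#  owner only.
#
#  I recommend that you have another public key that you use for
#  anything important and just use this for everyday mail.
#
#  Still, with this, someone has to do some "breaking and entering"
#  to get your mail.  So this is much better than no encryption at
#  all.
#
#  This file is http://www.offshore.com.ai/security/pgp-receive
#  See also pgp-send
#
#  Vince Cate
#  vac@cs.cmu.edu
#
#  For me the pgp directory is protected, so it is a good directory
#  to be in when dropping the temporary files.
#  The setenv PGPPASSFD 0 tells PGP to get the passphrase from
#  the standard input.  To install this you need to edit the 3
#  places with a "vac".

setenv PGPPATH /usr/vac/pgp
cd "$PGPPATH"

# New files are created readable and writable by the owner only.
umask 077

# Per-process names: two messages delivered at the same time no longer
# overwrite each other's temporary files.
set asc = mailtmp.asc.$$
set plain = mailtmp.$$

# The incoming (encrypted) message arrives on standard input.
cat > $asc

# Copy every line that contains one of these header names (the pattern is
# not anchored, so it is not limited to real header lines) to the top of
# the outgoing message, followed by a separator line.
egrep 'Date:|From:|Subject:|To:' $asc > $plain
echo " " >> $plain

#  This is less secure since some Unix ps commands can show other
#  users' environments.
#
# setenv PGPPASS "not really vacs passphrase"
# pgp -f < mailtmp.asc >> mailtmp

# PGP reads the passphrase as the first line of standard input and the
# encrypted message after it; the decrypted text is appended to the headers.
setenv PGPPASSFD 0
(echo "not really vacs passphrase" ; cat $asc) | pgp -f >> $plain

/usr/ucb/mail -s "Was encrypted" vac < $plain
# Remember the mailer's status so it is still what the script returns.
set rc = $status

# Do not leave the decrypted message (or the ciphertext copy) behind in the
# pgp directory.  rm only unlinks the files; it does not overwrite the data.
rm -f $asc $plain

exit $rc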