Plone and S/MIME

has anyone experiences with Plone and S/MIME?
Are there any addons to extend or replace the default MailHost?
Or have someone tried "smime" - or something else in conjunction with Plone?

And are there any plans to support S/Mime in Plone (Zope) in future releases?

Yes I've sent messages using smime in plone.

But it was custom code. I did it using plomino, and by whitelisting the right modules in collective.trustedimports.

Something like this worked

from M2Crypto import BIO, Rand, SMIME, X509
from M2Crypto.X509 import load_cert_string
buf = BIO.MemoryBuffer(message.as_string())

# Instantiate an SMIME object.

# Load target cert to encrypt to.
x509 = load_cert_string("""
-----END CERTIFICATE-----""")
sk = X509.X509_Stack()

# Set cipher: 3-key triple-DES in CBC mode.

# Encrypt the buffer.
p7 = s.encrypt(buf)
# Output p7 in mail-friendly format.
out = BIO.MemoryBuffer()
s.write(out, p7)

# Send the email
mh = get_tool('MailHost')
mh.send(, subject="pdf mail", mfrom="", mto="")

Just to be clear there is no builtin support for smime in the plone mail system and I don't think there is a 3rd party addon that adds it or there is a plan to build support into the core. But feel to build a 3rd party plugin to add this support and if that is well used maybe it applicable to be incorporated into the core?

Thanks, I'll give it a try :slight_smile:

I've hacked specific support for S/MIME locally, but it's a bit tricky IMO to find where to hook in design-wise: in our use case, we definitely didn't want ploneformgen or feedback mails to be signed, since they are user-generated, so we patched registration, password reset and the p.a.contentrules notifications, but it's far from pretty.

1 Like