SHELL=/bin/sh
LOCKFILE=$HOME/.lockfile.lock
LOGFILE=$HOME/procmail.log
LOGABSTRACT=yes
UMASK=007
VERBOSE=yes
SUBJECT=`formail -x Subject:`
TO=`formail -x To: `
FROM=`formail -x From:`

# copy of all incoming emails for debugging purposes
:0c
{
        :0Bfw
        * !(-----(BEGIN|END) PGP MESSAGE-----)
        | formail -I "Subject: [unencrypted and not delivered to $TO]$SUBJECT"

        :0
        ! ruza@ruza.eu
}

# rejects all non-encrypted emails
:0B
        * !(-----(BEGIN|END) PGP MESSAGE-----)
        | ( formail -r -a "X-Brm: Rejected from $TO";\
        echo "This is an auto-generated reply.";\
        echo " ";\
        echo "Your e-mail";\
        echo "To: $TO";\
        echo "Subject:$SUBJECT ";\
        echo " ";\
        echo "was REJECTED and NOT DELIVERED because";\
        echo "this address accepts GnuPG ENCRYPTED emails only.";\
        echo " ";\
        echo "SEND your email AGAIN:";\
        echo " 1) encrypted by GPG/PGP (https://www.gnupg.org/) to $TO or";\
        echo " 2) unencrypted to unsecure@brmlab.cz";\
        echo " ";\
        echo "Or You can ask for help at rada@brmlab.cz";\
        echo ""; ) | /usr/sbin/sendmail -t -oi -f "$TO"

# gpg-remailer drops original From, so its added by this filter to Subject
:0 cfw
        | formail -I "Subject: [$FROM] $SUBJECT"

# re-encrypt email
:0
        * ^(To|Cc|Bcc):.*secmail@brmlab.cz.*
        | /usr/bin/gpg-remailer /var/lib/secmail/.gpg-remailer-secmail

:0
        * ^(To|Cc|Bcc):.*join@brmlab.cz.*
        | /usr/bin/gpg-remailer /var/lib/secmail/.gpg-remailer-secmail