BMO/SecureBugMail

Description

SecureMail is a Bugzilla extension which sends bug email related to bugs in certain groups marked as 'secure' with it's body text encrypted. Also password reset emails will be sent out encrypted if a person is a member of any of those 'secure' groups. If you haven't given Bugzilla an encryption key and a change is made to secure bug, you will just get an email which says "this bug has been updated", and will be invited to visit the bug on the web to see what has changed.

The code for the extension can be viewed at https://bzr.mozilla.org/bugzilla/extensions/securemail.

Keys

You can restore full functionality by providing either a S/MIME or a GPG/PGP key.

For instructions on how to generate the keys needed to view the emails properly, see Keys.

Usage

Copy the public key from the .pem file (S/MIME) or from your pubkey.txt file (GPG) into the box in the SecureMail tab of your Bugzilla preferences and click "Submit Changes". If that succeeds, you have provided a valid key. Bugzilla will now start sending you encrypted bugmail for secure bugs, and the email client you configured above should be able to read it.

If a Bugzilla group is set by the Administrator to be a 'secure' group, any bug notifications sent from a bug that is marked private to that group will be encrypted with the user's key if one is stored for that user. Any user's attached to the bug that do not have a key, will receive a short email notifying that a change has been made and that the user will need to visit the bug to see what has changed.

If a user is a member of any Bugzilla groups marked as a 'secure' group and have uploaded a key, if they submit a request for a password change, the request email will also be encrypted.