#!/bin/bash

WORKDIR="/tmp"
SENDMAIL="/usr/sbin/sendmail -G -i"
CERTS="/etc/mailcerts"
EX_UNAVAILABLE=69
SENDER="$2"
RECIPIENT="$4"

if test -f "$CERTS/$RECIPIENT.crt" ; then

        MESSAGEFILE="$WORKDIR/message.$$"

        trap "rm -f $MESSAGEFILE; rm -f $MESSAGEFILE.encrypted" 0 1 2 3 15

        umask 077

        cat > $MESSAGEFILE || { echo Cannot save mail to file; exit $EX_UNAVAILABLE;}

        SUBJECT="$(reformail -x "Subject:" < $MESSAGEFILE)"

        openssl smime -encrypt -des3 -out $MESSAGEFILE.encrypted -from $SENDER -to $RECIPIENT -subject "$SUBJECT" $CERTS/$RECIPIENT.crt < $MESSAGEFILE || { echo Problem encrypting message; exit $EX_UNAVAILABLE; }

        $SENDMAIL "$@" < $MESSAGEFILE.encrypted
        exit $?
else
        cat | $SENDMAIL "$@"
        exit $?
fi