Quick-Sign Milter Installation
The Quick-Sign Milter works in addition with a mail server; this software catches mails before they reach the standard mail server. The milter processes the mails if they correspond to a signature/seal request otherwise, these mails follow the standard process.
The quicksign-milter package must be installed and configured on a postfix server. WebADM/OpenOTP infrastructure must be already deployed and integrated with your LDAP backend. Your OpenOTP license must also support
2. Package Installation
2.1 RHEL/CentOS through RCDevs Repository
The installation of the Quick-Sign Milter as a service is done with the following command once RCDevs repository is installed:
yum install quicksign-milter OR dnf install quicksign-milter
2.2 Debian/Ubuntu through RCDevs Repository
The installation of the Quick-Sign Milter as a service is done with the following command once RCDevs repository is installed:
apt install quicksign-milter
3. Components of the Milter
3.1 Mandatory Components
To work, the milter needs several components.
- IMAP and SMTP associated server
- Redis server to store sessions about pending signatures requests
- WebADM server for the junction to the OpenOTP process
3.2 Optional components
The Quick-Sign Milter can be associated to the Quick-Sign Portal. In this configuration, the milter can be used as is or with the portal without changing the configuration. For more information about this configuration, refer to Quick-Sign Portal Guide.
The milter is installed in
Please find below, the standard Milter configuration file for domain “server.com”.
4.1 Standard configuration file quicksign-milter.conf
[Milter] ; socket = /var/run/quicksign/quicksign-milter.sock socket = inet:8890@localhost timeout = 30 polling = 15 # Portal settings (optional) # If one is enabled, the second one and the TemplatesPortal section have to be activated portal_id = a9a9a9a9-a9a9-a9a9-a9a9-a9a9a9a9a9a9 portal_manager = Postman@server.com [Redis] host = redis.server.com port = 6379 [OpenOTP] server_url = https://webadm.server.com:8443/openotp/ client_id = QuickSign signature_timeout = 600 [Signature] # The following advanced configuration variable takes a regular expression to # search the given pattern in the subject of the received e-mail. If a match # is found, the signature will be switched to advanced mode # Switch to advanced signature mode if any of the following case insensitive # words is found anywhere in the subject of the e-mail advanced_trigger = advanced|avancée # Switch to advanced signature mode if [a], [adv], [advanced] or [avancée] is # found case insensitive at the beginning of the subject of the e-mail # advanced_trigger = ^\[(a|adv|advanced|avancée)\] # Allowed values for advanced_scope: Local, Global or eIDAS advanced_scope = Global # Switch to eIDAS qualified signature mode if any of the following case # insensitive words is found anywhere in the subject of the e-mail qualified_trigger = qualified|qualifiée # allowed mime types in advanced signature mode allowed_mime_types = [ "application/msword", "application/pdf", "application/rtf", "application/vnd.ms-excel", "application/vnd.ms-powerpoint", "application/vnd.oasis.opendocument.presentation", "application/vnd.oasis.opendocument.spreadsheet", "application/vnd.oasis.opendocument.text", "application/vnd.openxmlformats-officedocument.presentationml.presentation", "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet", "application/vnd.openxmlformats-officedocument.wordprocessingml.document", "application/vnd.visio" ] [EmailAddresses] notification_sender = email@example.com real_domain = server.com sign_domain = sign.server.com seal_email = firstname.lastname@example.org [Logging] log_filename = /var/log/quicksign/quicksign-milter.log level = WARNING ; DEBUG ; INFO ; WARNING ; ERROR ; CRITICAL # Mails templates sent by the Milter (mandatory) [Templates] _mail_footer_html = /etc/quicksign/templates/milter/_mail_footer.html _mail_footer_txt = /etc/quicksign/templates/milter/_mail_footer.txt _style = /etc/quicksign/templates/milter/_mail_style.inc cancel_error_html = /etc/quicksign/templates/milter/cancel_error.html cancel_error_subject = /etc/quicksign/templates/milter/cancel_error.subject cancel_error_txt = /etc/quicksign/templates/milter/cancel_error.txt cancel_inform_html = /etc/quicksign/templates/milter/cancel_inform.html cancel_inform_subject = /etc/quicksign/templates/milter/cancel_inform.subject cancel_inform_txt = /etc/quicksign/templates/milter/cancel_inform.txt cancel_success_html = /etc/quicksign/templates/milter/cancel_success.html cancel_success_subject = /etc/quicksign/templates/milter/cancel_success.subject cancel_success_txt = /etc/quicksign/templates/milter/cancel_success.txt recipient_error_html = /etc/quicksign/templates/milter/recipient_error.html recipient_error_subject = /etc/quicksign/templates/milter/recipient_error.subject recipient_error_txt = /etc/quicksign/templates/milter/recipient_error.txt recipient_notice_html = /etc/quicksign/templates/milter/recipient_notice.html recipient_notice_subject = /etc/quicksign/templates/milter/recipient_notice.subject recipient_notice_txt = /etc/quicksign/templates/milter/recipient_notice.txt recipient_reject_html = /etc/quicksign/templates/milter/recipient_reject.html recipient_reject_subject = /etc/quicksign/templates/milter/recipient_reject.subject recipient_reject_txt = /etc/quicksign/templates/milter/recipient_reject.txt seal_error_html = /etc/quicksign/templates/milter/seal_error.html seal_error_subject = /etc/quicksign/templates/milter/seal_error.subject seal_error_txt = /etc/quicksign/templates/milter/seal_error.txt seal_success_html = /etc/quicksign/templates/milter/seal_success.html seal_success_subject = /etc/quicksign/templates/milter/seal_success.subject seal_success_txt = /etc/quicksign/templates/milter/seal_success.txt sender_error_html = /etc/quicksign/templates/milter/sender_error.html sender_error_subject = /etc/quicksign/templates/milter/sender_error.subject sender_error_txt = /etc/quicksign/templates/milter/sender_error.txt sender_error_attachments_html = /etc/quicksign/templates/milter/sender_error_attachments.html sender_error_attachments_subject = /etc/quicksign/templates/milter/sender_error_attachments.subject sender_error_attachments_txt = /etc/quicksign/templates/milter/sender_error_attachments.txt sender_notice_html = /etc/quicksign/templates/milter/sender_notice.html sender_notice_subject = /etc/quicksign/templates/milter/sender_notice.subject sender_notice_txt = /etc/quicksign/templates/milter/sender_notice.txt sender_reject_html = /etc/quicksign/templates/milter/sender_reject.html sender_reject_subject = /etc/quicksign/templates/milter/sender_reject.subject sender_reject_txt = /etc/quicksign/templates/milter/sender_reject.txt sign_details = /etc/quicksign/templates/milter/sign_details.html sign_success_html = /etc/quicksign/templates/milter/sign_success.html sign_success_subject = /etc/quicksign/templates/milter/sign_success.subject sign_success_txt = /etc/quicksign/templates/milter/sign_success.txt # Mails templates sent by the Portal/Milter # Mandatory only if 'portal_id' and 'portal_manager' are enabled (otherwise they are ignored) [TemplatesPortal] _mail_footer_html = /etc/quicksign/templates/portal/_mail_footer.html _mail_footer_txt = /etc/quicksign/templates/portal/_mail_footer.txt _style = /etc/quicksign/templates/portal/_mail_style.inc cancel_error_html = /etc/quicksign/templates/portal/cancel_error.html cancel_error_subject = /etc/quicksign/templates/portal/cancel_error.subject cancel_error_txt = /etc/quicksign/templates/portal/cancel_error.txt cancel_inform_html = /etc/quicksign/templates/portal/cancel_inform.html cancel_inform_subject = /etc/quicksign/templates/portal/cancel_inform.subject cancel_inform_txt = /etc/quicksign/templates/portal/cancel_inform.txt cancel_success_html = /etc/quicksign/templates/portal/cancel_success.html cancel_success_subject = /etc/quicksign/templates/portal/cancel_success.subject cancel_success_txt = /etc/quicksign/templates/portal/cancel_success.txt recipient_error_html = /etc/quicksign/templates/portal/recipient_error.html recipient_error_subject = /etc/quicksign/templates/portal/recipient_error.subject recipient_error_txt = /etc/quicksign/templates/portal/recipient_error.txt recipient_notice_html = /etc/quicksign/templates/portal/recipient_notice.html recipient_notice_subject = /etc/quicksign/templates/portal/recipient_notice.subject recipient_notice_txt = /etc/quicksign/templates/portal/recipient_notice.txt recipient_reject_html = /etc/quicksign/templates/portal/recipient_reject.html recipient_reject_subject = /etc/quicksign/templates/portal/recipient_reject.subject recipient_reject_txt = /etc/quicksign/templates/portal/recipient_reject.txt seal_error_html = /etc/quicksign/templates/portal/seal_error.html seal_error_subject = /etc/quicksign/templates/portal/seal_error.subject seal_error_txt = /etc/quicksign/templates/portal/seal_error.txt seal_success_html = /etc/quicksign/templates/portal/seal_success.html seal_success_subject = /etc/quicksign/templates/portal/seal_success.subject seal_success_txt = /etc/quicksign/templates/portal/seal_success.txt sender_error_html = /etc/quicksign/templates/portal/sender_error.html sender_error_subject = /etc/quicksign/templates/portal/sender_error.subject sender_error_txt = /etc/quicksign/templates/portal/sender_error.txt sender_error_attachments_html = /etc/quicksign/templates/portal/sender_error_attachments.html sender_error_attachments_subject = /etc/quicksign/templates/portal/sender_error_attachments.subject sender_error_attachments_txt = /etc/quicksign/templates/portal/sender_error_attachments.txt sender_notice_html = /etc/quicksign/templates/portal/sender_notice.html sender_notice_subject = /etc/quicksign/templates/portal/sender_notice.subject sender_notice_txt = /etc/quicksign/templates/portal/sender_notice.txt sender_reject_html = /etc/quicksign/templates/portal/sender_reject.html sender_reject_subject = /etc/quicksign/templates/portal/sender_reject.subject sender_reject_txt = /etc/quicksign/templates/portal/sender_reject.txt sign_details = /etc/quicksign/templates/portal/sign_details.html sign_success_html = /etc/quicksign/templates/portal/sign_success.html sign_success_subject = /etc/quicksign/templates/portal/sign_success.subject sign_success_txt = /etc/quicksign/templates/portal/sign_success.txt [Contact] company_website = https://www.server.com supervisor = email@example.com phone = +351 23 45 67 89 [Language] # ISO 639-1 selected_language = en
4.2 Parameters explanations
Defines the socket on which the process runs and on which other processes can communicate with the Milter. The format of this parameter can be
- a file format with .sock extension (e.g.
- or inet format (e.g.
inet:8890@localhostwhere 8890 is of course the used port)
This parameter is the standard duration for OpenOTP timeout (in seconds).
This delay represents the number of seconds between two signatures checking which are pending.
The portal ID is simply a string withou specific format which permits to link the Milter and the Quick-Sign Portal ; the same string has to be included in the Portal configuration. The ID has no specific format: you can insert an UUID, a secret phrase, etc.
This information should not be communicated to the standard users otherwise anybody can usurp the applicant of the signature request.
This is the user who actually sends and receives signatures requests only for the Quick-Sign Portal. In the standard configuration, users send requests with their email client software; their correspondents receive the requests on their own email client software. In the Portal configuration, all these emails are centralized on the Portal manager.
Redis server name for the Milter. This Redis can be merged with anoother Redis server because the Quick-Sign sessions have a specific prefix. In the case the Quick-Sign Portal is installed, the two theoretical Redis servers can also run on a single Redis server thanks to the different prefixes of the Milter and the Portal
The default Redis port is 6379. In theory, it is not needed to change it.
The Milter has to be linked to a RCDevs WebADM where OpenOTP is activated (see here for information: WebADM Administrator Guide).
This is the address of the WebADM server which supports OpenOTP add-on.
This parameter is the identifier of the Milter Policy created in WebADM (find more information: Policies).
This is how long the signature is available (Pending status, waiting for the user to sign the document). After this delay, the signature is obsolete, considered as rejected by the process. The applicant and the “non-signer” will both received an email for their information.
The advanced configuration variable takes a regular expression to search the given pattern in the subject of the received e-mail. If a match is found, the signature will be switched to advanced mode. This parameter is case insensitive.
Defines the scope for advance signatures; this parameter can be
Switch to eIDAS qualified signature mode if any of the following words is found anywhere in the subject of the e-mail. This parameter is case insensitive.
This array parameter can contain all the file types your company needs.
Note that only PDF files can be submitted for standard signatures. All the other files types will be automatically switched to advanced signature.
notification_sender = firstname.lastname@example.org
As opposed to sign domain below, this domain is the actual mail domain used in the organisation.
The sign domain, generally built according to the following format: “sign.<real_domain>”. It is used by the applicant to send a signature request in the receiver email field (e.g. itManager@sign.server.com)
The seal mail address used by a user for his own documents sealing. This parameter is generally built according to the following format: “seal@sign.<real_domain>”.
This parameter is used to set the full path for the Logs.
level parameter defines the Logs verbosity;
WARNING is the default level.
Five levels are available, from
CRITICAL, respectively from the most verbose to the less one.
The presented levels are as follows:
22.214.171.124 Templates for status messages
The Milter mails templates are composed of three files for each status; these files are suffixed by:
_htmlfor the body of the mail (in HTML format) sent by the Milter to inform the applicant and the signer of the signature status
_subjectfor the subject of the same email
_txtfor this whole email in text format The different status are:
cancel_error: an error happened when the applicant cancelled his request
cancel_inform: after a cancellation, the applicant and the signer are informed of the event
cancel_success: cancellation process succeeded
recipient_error: information for the signer; the process is wrong (e.g. server error)
recipient_notice: the signer is noticed about a document is waiting his signature
recipient_reject: the signer is informed himself rejected the signature of the document
seal_error: sent when an error happened during the sealing
seal_success: the sealing is done successfully
sender_error: information for the applicant; the process is wrong (e.g. server error)
sender_error_attachments: the attached documents are wrong of something wrong happened with these documents
sender_notice: the applicant is noticed about a document is waiting the signer’s signature
sender_reject: the applicant is informed the signer rejected the signature of the document
sign_success: signature is done successfully
126.96.36.199 Templates for specific uses
sign_details: this is the template displayed on the mobile device where OpenOTP app is installed
_mail_footer_html: For each status templates above, the footer; HTML format
_mail_footer_txt: For each status templates above, the footer; Text format
_style: the common CSS style for all these templates emails
188.8.131.52 Templates for Portal
Please refer to previous paragraphs: these templates have the same purpose but are used by the Portal.
These Portal templates are mandatory if the fields
portal_manager are not empty.
Otherwise, they are optional.
4.2.8 Contact and Language
In these sections, you can customize miscellaneous information.