A tool to sign and/or encrypt email notifications generated by other applications.

Koverto signs and/or encrypts email messages received in a directory before it sends them out to the recipients. It currently needs a separated email server process to listen for incoming emails and to write them to the directory.

WARNING: This tool is intented to be used to sign and/or encrypt notification emails generated by an application before sending them via the wider internet. It is not intended for end-to-end encrypted/signed communication between humans. Email transport from the notification sending server to koverto needs to be protected against eavesdropping and manipulation.


Koverto was inspired by Kuvert and developed to use Sequoia to sign and possibly encrypt email notifications generated by applications.

"Koverto" is the Esperanto word for envelope.


The documentation can be found in the source code doc/src directory or online.

The short User Guide covers every day usage. It explains configuration settings and command line options.

The binary crate documentation gives a highlevel overview for developers. In addition the crate library API documents the different parts of the codebase.


Koverto has been adapted to be deployed in a docker container in order to facilitate having different directories with different policies and to avoid having to configure the email originating applications with different sender addresses to have different policies. It can also be installed in a non-docker environment.

Docker can be configured to have incoming email directory and Sequoia keystore on volume mounts. and be managed from outside the container.

Koverto and Sequoia command line tools can be used for key management.

Koverto implements a light weight MTA. But it is recommended to use a stable and well tested email server such as Postfix or OpenSMTPD.


Milestone-1.0.0 - Simple daemon that watches one queue dir and handles all mails according to the same policy.

[Milestone-1.1] - Various improvements including watching multiple queue dirs from a single process and handling the incoming mails based on different policies.


  • Uses inotify which only works in linux. It also does not work in linux containers on windows hosts.

  • Requires moving entire mails into the queue dir after writing them to a different location. We do our best to only process files after they have been closed. However we cannot guarantee that during initial processing of the queue.

  • Koverto currently processes mails sequentially in a single thread.

Implementation status

See status (or doc/src/status) for the current implementation status and more details about the limitations.




azul at sequoia-pgp dot org

juga at riseup dot net

Suggestions and feedback by {neal, justus} at sequoia-pgp dot org, Kuvert developer and Kuvert users.