Hi!
Some replies:
1. the problem with mail_crypt_global_public_key, there is a bug that we are
fixing where file inputs under plugin { } section do not get aboard.
workaround 1:
You can base64 encode the PEM key (yes, again), and put it in one line such as
plugin {
mail_crypt_global_public_key = LS0tLS1C.....
}
workaround 2:
Return the key from userdb, you can use same format.
3. The mail_attribute_dict thing requires that setting you discovered, but be
advised that in this mode it will create a keypair for each user, and keypair
per folder.
For security and performance reasons, we recommend using ECDSA keys instead of
RSA keys.
---
Aki Tuomi
Dovecot oy
> On January 17, 2017 at 4:40 PM Evgeniy Korneechev <ekorneechev at
altlinux.org> wrote:
>
>
> mail_attribute_dict = file:%h/Maildir/dovecot-attributes > dovecot.conf
>
> Apparently so?))
>
> ----- ???????? ????????? -----
> > ??: "Evgeniy Korneechev" <ekorneechev at altlinux.org>
> > ????: "dovecot" <dovecot at dovecot.org>
> > ????????????: ???????, 17 ?????? 2017 ? 17:32:38
> > ????: Re: Plugin "mail_crypt" does not work
>
> > Hi, guys. Also, currently a problem (with
> > http://wiki2.dovecot.org/Plugins/MailCrypt#EC_key):
> >
> > # dovecot mailbox cryptokey generate -u name at example.com -UR
> > doveadm(name at example.com): Error:
> > mail_crypt_user_get_public_key(name at example.com) failed:
> > mailbox_attribute_get(INBOX,
> >
/shared/vendor/vendor.dovecot/pvt/server/vendor/vendor.dovecot/pvt/crypt/active)
> > failed: Mailbox attributes not enabled
> >
> > Something is wrong in the settings? Or bug?
> >
> >
> > The same error in log when sending emails (with
> > http://wiki2.dovecot.org/Plugins/MailCrypt#Base64_encoded_keys):
> >
> > Error: sieve: msgid=<57720a813eb7817c80ff67b21718ae42 at
example.com>: failed to
> > store into mailbox 'INBOX':
> > get_public_key(INBOX) failed: mailbox_attribute_get(INBOX,
> > /shared/vendor/vendor.dovecot/pvt/crypt/active) failed:
> > Mailbox attributes not enabled
> >
> > Any ideas?
> >
> >
> > ----- ???????? ????????? -----
> >> ??: "Evgeniy Korneechev" <ekorneechev at
altlinux.org>
> >> ????: "dovecot" <dovecot at dovecot.org>
> >> ????????????: ???????????, 16 ?????? 2017 ? 18:17:44
> >> ????: Re: Plugin "mail_crypt" does not work
> >
> >> We tried these rights:
> >>
> >> [root at mail44 dovecot]# ls -la
> >> ????? 80
> >> drwxr-xr-x 8 root root 4096 ??? 13 13:17 .
> >> drwxr-xr-x 98 root root 12288 ??? 11 11:47 ..
> >> drwxrwxrwx 2 root root 4096 ??? 10 15:58 eckey
> >> drwxr-xr-x 2 root root 4096 ??? 13 12:42 eckey2
> >> drwxr-xr-x 2 vmail vmail 4096 ??? 11 09:14 RSAkey
> >>
> >> [root at mail44 dovecot]# cd eckey2
> >> [root at mail44 eckey2]# ls -la
> >> ????? 16
> >> drwxr-xr-x 2 root root 4096 ??? 13 12:42 .
> >> drwxr-xr-x 8 root root 4096 ??? 13 13:17 ..
> >> -rw-r--r-- 1 root root 316 ??? 13 12:41 ecprivkey.pem
> >> -rw-r--r-- 1 root root 232 ??? 13 12:42 ecpubkey.pem
> >>
> >> ----- ???????? ????????? -----
> >>> ??: "Aki Tuomi" <aki.tuomi at dovecot.fi>
> >>> ????: "dovecot" <dovecot at dovecot.org>
> >>> ????????????: ???????, 13 ?????? 2017 ? 14:18:55
> >>> ????: Re: Plugin "mail_crypt" does not work
> >>
> >>> On 13.01.2017 12:21, Evgeniy Korneechev wrote:
> >>>> mail_crypt_global_public_key =
</etc/dovecot/eckey/ecpubkey.pem
> >>>
> >>> Is this world-wide readable file? Is LDA able to access this?
> >>>
> >>> Aki
> >>
> >> --
> >> WBR,
> >> BaseALT/ALTLinux Team
> >
> > --
> > WBR,
> > BaseALT/ALTLinux Team
>
> --
> WBR,
> BaseALT/ALTLinux Team