emordin
2019-May-31 02:21 UTC
[mail-crypt-plugin] Password Query for Folder Keys questions
So I believe I generated a key successfully with: 'doveadm mailbox cryptokey generate -u user -UR' because I got the output with the check mark and the Public ID string of characters. However I still can't read the CRYPTED emails when logging in with IMAP.. i'm still getting the following error in the mail log: Error: read() failed: read(/var/vmail/[domain . com/user/Maildir/cur/](http://domain.com/user/Maildir/cur/)<email_index>) failed: Private key not available: Cannot decrypt key ... : error:03070068:big num routines:BN_mpi2bn:encoding error I've tried to list the key with 'doveadm mailbox cryptokey list -u user' but I'm only getting the following output: Folder Active Public ID And I've tried to create a password with 'doveadm mailbox cryptokey password -u user -n Password1' and I'm getting the following output: result: dcrypt_key_load_private(...) failed: password missing Also my settings in conf.d: 10-mail.conf - mail_attribute_dict = file:%h/Maildir/dovecot-attributes mail_plugins = $mail_plugins mail_crypt plugins{ mail_crypt_curve = secp512r1 mail_crypt_save_version = 2 mail_crypt_require_encrypted_user_key = yes } 20-lmtp.conf - protocol lmtp{ mail_plugins = $mail_plugins sieve } And my settings in dovecot-sql.conf.ext: driver = mysql connect = host=127.0.0.1 dbname=mailserver user=mailuser password=1234 password_query = SELECT email as user,password, '%w' AS userdb_mail_crypt_private_password FROM virtual_users WHERE email='%u'; In the virtual_users table I have: id, domain_id, email, password Any ideas what the issue may be? Also am I suppose to add the 'userdb_mail_crypt_private_password' into the table and put the virtual users email login password in there? Or is it suppose to be a temporary query? Thanks. Sent with [ProtonMail](https://protonmail.com) Secure Email. -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://dovecot.org/pipermail/dovecot/attachments/20190531/3812203c/attachment-0001.html>
Aki Tuomi
2019-May-31 06:43 UTC
[mail-crypt-plugin] Password Query for Folder Keys questions
> On 31 May 2019 05:21 emordin via dovecot <dovecot at dovecot.org> wrote: > > > So I believe I generated a key successfully with: > 'doveadm mailbox cryptokey generate -u user -UR' because I got the output with the check mark and the Public ID string of characters. > > However I still can't read the CRYPTED emails when logging in with IMAP.. i'm still getting the following error in the mail log: > Error: read() failed: read(/var/vmail/domain . com/user/Maildir/cur/ (http://domain.com/user/Maildir/cur/)<email_index>) failed: Private key not available: Cannot decrypt key ... : error:03070068:big num routines:BN_mpi2bn:encoding error > > I've tried to list the key with 'doveadm mailbox cryptokey list -u user' but I'm only getting the following output: > Folder Active Public ID > And I've tried to create a password with 'doveadm mailbox cryptokey password -u user -n Password1' and I'm getting the following output: > result: dcrypt_key_load_private(...) failed: password missing >Can you try doveadm -o plugin/mail_crypt_private_password=desired_password mailbox cryptokey generate -u user -UR Aki
Possibly Parallel Threads
- bash script hook lda_mailbox_autocreate for generate mail-crypt user encrypted private key with user password
- Best mail encryption solution for per-user
- Best mail encryption solution for per-user
- Best mail encryption solution for per-user
- Best mail encryption solution for per-user