I was reading through Dovecot mail-crypt plugin documentation and I'm wondering what is the benefit of turning the encryption on if private and public keys are both stored on the server? What are the benefits and how the key can be protected (apart from file permissions). Cheers, Chris -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 833 bytes Desc: OpenPGP digital signature URL: <https://dovecot.org/pipermail/dovecot/attachments/20190705/8ab47f10/attachment.sig>
What I can think of without any experience using mail-crypt - who says they need to be stored on the server? They need to be available on the server when you start dovecot. - and if you are using 3rd party external storage mounted on your server. At least this 3rd party cannot access the email -----Original Message----- From: Chris Narkiewicz via dovecot [mailto:dovecot at dovecot.org] Sent: vrijdag 5 juli 2019 7:11 To: dovecot at dovecot.org Subject: Email encryption and key protection I was reading through Dovecot mail-crypt plugin documentation and I'm wondering what is the benefit of turning the encryption on if private and public keys are both stored on the server? What are the benefits and how the key can be protected (apart from file permissions). Cheers, Chris