Hi,
(Reposting as my previous post got zero replies.)
We're running Dovecot 2.2.36 and we need to set up the mail-crypt plugin
to encrypt all incoming and outgoing emails. Outgoing emails seem to get
encrypted fine but the incoming ones don't. We tried everything
including this config:
mail_attribute_dict = file:%h/Maildir/dovecot-attributes
mail_plugins = $mail_plugins mail_crypt
plugin {
mail_crypt_global_private_key = <ecprivkey.pem
mail_crypt_global_public_key = <ecpubkey.pem
mail_crypt_save_version = 2
}
also this one:
plugin {
mail_crypt_curve = prime256v1
mail_crypt_save_version = 2
}
but to no avail. There are no visible errors, Dovecot restarts fine and
outgoing emails get encrypted. Any ideas?
--
Kind Regards,
Support Team
SERVERIA.COM
Riga, LV-1063, Latvia
US: +1 (213) 224-7938
LV: + (371) 22330032
Skype: bighostlv
support at serveria.com
www.serveria.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<https://dovecot.org/pipermail/dovecot/attachments/20191201/3f300b62/attachment.html>
The plugin encrypts mail to be written encrypted at rest /on/ the server, and then decrypts the same mail when it is read /off/ the server. If it is working correctly mails sent will arrive at their destination readable. You need to go to the user directory where the mail is residing (example): /mail/vhosts/XXXX/username/cur (wherever your user mail resides) Choose any mail (example... '1546546546546.Mdffgdfg535435.domain,S=4355435W=4r34534:3,S' ) will look something like that (I have obfuscated the actual example but it will look similar). Now try and view it on the server using> postcat '1546546546546.Mdffgdfg535435.domain,S=4355435W=4r34534:3,S'1. If you get an error that looks something like: *** ENVELOPE RECORDS '1546546546546.Mdffgdfg535435.domain,S=4355435W=4r34534:3,S' *** message_size: YPTED postcat: fatal: invalid size record: YPTED??? OR 2. Alternatively you can try and > cat the message like a text file and at the start of the output you will see the string: CRYPTED Then you will know the plugin is working. If it shows the message in plaintext, the plugin is not active. -- Sent from: http://dovecot.2317879.n4.nabble.com/
<!doctype html>
<html>
<head>
<meta charset="UTF-8">
</head>
<body>
<div>
Please provide doveconf -n
</div>
<div>
<br>
</div>
<div>
Also set mail_debug=yes and provide logs.
</div>
<div>
<br>
</div>
<div>
Remember that dovecot can only encrypt mails if you are using LMTP or
dovecot-lda to deliver mails.
</div>
<div>
<br>
</div>
<div>
Aki
</div>
<blockquote type="cite">
<div>
On 01/12/2019 23:10 Serveria Support via dovecot <dovecot@dovecot.org>
wrote:
</div>
<div>
<br>
</div>
<div>
<br>
</div>
<div style="font-size: 10pt;" class="rcmBody">
<p>Hi,</p>
<p>(Reposting as my previous post got zero replies.)</p>
<p>We're running Dovecot 2.2.36 and we need to set up the
mail-crypt plugin to encrypt all incoming and outgoing emails. Outgoing emails
seem to get encrypted fine but the incoming ones don't. We tried everything
including this config:</p>
<p>mail_attribute_dict =
file:%h/Maildir/dovecot-attributes<br>mail_plugins = $mail_plugins
mail_crypt<br><br>plugin {<br>mail_crypt_global_private_key =
<ecprivkey.pem<br> mail_crypt_global_public_key = <ecpubkey.pem
<br> mail_crypt_save_version = 2</p>
<p>}</p>
<p>also this one:</p>
<p>plugin {</p>
<p>mail_crypt_curve = prime256v1</p>
<p>mail_crypt_save_version = 2</p>
<p>}</p>
<p>but to no avail. There are no visible errors, Dovecot restarts fine
and outgoing emails get encrypted. Any ideas?</p>
</div>
<p><br></p>
<div>
--
<br>
<p><br></p>
<p>Kind Regards,</p>
<p>Support Team<br>SERVERIA.COM<br>Riga, LV-1063,
Latvia<br>US: +1 (213) 224-7938<br>LV: + (371) 22330032</p>
<p>Skype:
bighostlv<br>support@serveria.com<br>www.serveria.com</p>
</div>
</blockquote>
<div>
<br>
</div>
<div class="io-ox-signature">
<pre>---
Aki Tuomi</pre>
</div>
</body>
</html>