Jeremy
2023-Mar-04 14:12 UTC
Setting up the mail-crypt plugin with virtual accounts that have no home directories
Hi again, I was able to solve both questions. I was overthinking things. A solution to the first question about mail_attribute_dict was simply to use other available variables to point to the virtual user's maildir paths. Like so: /var/mail/%d/%u/dovecot-attributes As for the second question: When I asked it, I was uncertain if dovecot would be able to cope with a hashed password for userdb_mail_crypt_private_password. I somehow believed dovecot required a plain text password there, as per the '%w' in the example password_query. Turns out this was not the case. Simply providing the already hashed password of the password field did the trick. So: password_query = SELECT \ email as user, password, \ password AS userdb_mail_crypt_private_password \ FROM virtual_users WHERE email='%u'; Hope this is of help to others if they stumble upon this question. ------- Original Message ------- On Thursday, February 23rd, 2023 at 08:53, Jeremy <mailinglist-subscriptions at protonmail.com> wrote:> Hi again, > > I am using dovecot 2.3.16, along with postfix and a PostgreSQL database for managing virtual accounts. > > After an initial topic from me about encrypting already existent mail, I could now use some pointers on how to set up the mail-crypt plugin for pure virtual accounts (i.e. that have no matching system users and/or home directories. I hope somebody can clarify a few things that are not entirely clear to me yet. > > After doing my own research, I believe the following should be possible: > > I'd like to use the password of virtual email accounts to let dovecot encrypt/decrypt the keys needed to encrypt/decrypt the mail in the relevant folders. > > As per the documentation @ https://doc.dovecot.org/configuration_manual/mail_crypt_plugin/ I believe this would be all the configuration I need: > > # Config > mail_attribute_dict = file:%h/Maildir/dovecot-attributes > mail_plugins = $mail_plugins mail_crypt > > plugin { > mail_crypt_curve = secp521r1 # or some other preferred curve > mail_crypt_save_version = 2 > mail_crypt_require_encrypted_user_key = yes # necessary for encrypting keys with user password > } > > # File: /etc/dovecot/dovecot-sql.conf.ext > password_query = SELECT \ > email as user, password, \ > '%w' AS userdb_mail_crypt_private_password \ > FROM virtual_users WHERE email='%u'; > > My first question is: > Is it possible to configure mail_attribute_dict in such a way as to not use home directories. Since I only use virtual accounts, without those accounts having home directories, can I somehow tell dovecot to save the attributes into the PostsreSQL database, for instance? If not, can you suggest another approach, without having to create home directories for virtual users? > > My second question is: > The documentation warns about not using password directly in the above SQL query: > > > Choosing encryption key > > > DO NOT use password directly. It can contain % which is interpreted as > variable expansion and can cause errors. > > > Does this refer to not accidentally substituting '%w' with password? In other words, if I leave the above query as is, should I be good, even if plain text passwords of users potentially have % signs in them? Or would I need to take further measurements? (The passwords in my database are already hashed, by the way). > > I hope somebody can offer some guidance on this. Thanks.
Possibly Parallel Threads
- Setting up the mail-crypt plugin with virtual accounts that have no home directories
- Setting up the mail-crypt plugin with virtual accounts that have no home directories
- Setting up the mail-crypt plugin with virtual accounts that have no home directories
- Setting up the mail-crypt plugin with virtual accounts that have no home directories
- Setting up the mail-crypt plugin with virtual accounts that have no home directories