search for: mail_crypt

Dovecot version: 2.2.22 (fe789d2) I generated an EC key from the page https://wiki2.dovecot.org/Plugins/. For reference here's my /etc/dovecot/conf.d/10-mail-crypt.conf file: ---- mail_plugins = $mail_plugins mail_crypt plugin { # mail_crypt_global_private_key = </etc/dovecot/ecprivkey.pem mail_crypt_global_public_key = </etc/dovecot/ecpubkey.pem mail_crypt_save_version = 2 } ---- I saw in a previous message on this mailing list that messages can be encrypted without the private key, so it'...

[Dovecot v2.2.33.2] I'm testing out mail_crypt on a fresh Dovecot install to get a feel for how it works, but I'm running into something unexpected. The mail_crypt plugin does seem to be working, but NOT on incoming email.? What I mean is, if I send a test email to the server that has Dovecot installed, the message correctly arrives in...

Hi, I have few questions regarding mail_crypt: 1) Is mail_crypt_global_private_key file read upon dovecot start/restart only or it is/can be read in any other time? I have made few tests by starting dovecot and removing master key for decryption - therefore it is not available on the platform - it only reside in memory, removing one of attack...

I've successfully implemented the mail_crypt plugin on v2.2.27 and it's working like a champ, but some of our administrative operations require access to Maildir messages in plaintext. I've found numerous threads detailing help with mail_crypt setup, but none of my research has yielded a method of decrypting the stored messages. Rel...

Hello, Can the mail_crypt "folder keys" feature be used with encrypted user keys in passwd-file without sql database? It seems that there is no guide in the docs. Best regards, narangd -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://dovecot.org/pipermail/dovecot/attachm...

...all well! We have a really strange bug with our dovecot setup. After weeks and month of debugging we?re finally reached the point when we ask you for help. Our basic setup is quite simple: a single dovecot 2.3.10 (0da0eff44) install on Debian 10 with LDAP as user/passdb and sieve, imap_sieve and mail_crypt as mail_plugins. For the mail_crypt we have a special rule which allows us to enable crypting for each user individually. See this line from dovecot-ldap.conf.ext: pass_attrs = userPassword=password,=userdb_mail_plugins=%{if;%{real_lport};eq;993;imap_sieve;} %{if;%{real_lport};eq;143;imap_sieve;...

...ey.pem -rw-r--r-- 1 root root 232 ??? 13 12:42 ecpubkey.pem ----- ???????? ????????? ----- > ??: "Aki Tuomi" <aki.tuomi at dovecot.fi> > ????: "dovecot" <dovecot at dovecot.org> > ????????????: ???????, 13 ?????? 2017 ? 14:18:55 > ????: Re: Plugin "mail_crypt" does not work > On 13.01.2017 12:21, Evgeniy Korneechev wrote: >> mail_crypt_global_public_key = </etc/dovecot/eckey/ecpubkey.pem > > Is this world-wide readable file? Is LDA able to access this? > > Aki -- WBR, BaseALT/ALTLinux Team

> > You forgot to load mail_crypt plugin. > > mail_plugins = $mail_plugins mail_crypt > With these settings also. # dovecot -n ..... mail_location = mbox:~/mail:INBOX=/var/mail/%u mail_plugins = " mail_crypt" mbox_write_locks = fcntl ..... # service dovecot restart # doveadm mailbox cryptokey usage: doveadm [...

> On 22 March 2019 19:36 Dave via dovecot <dovecot at dovecot.org> wrote: > > > [Dovecot v2.2.33.2] > > I'm testing out mail_crypt on a fresh Dovecot install to get a feel for > how it works, but I'm running into something unexpected. > > The mail_crypt plugin does seem to be working, but NOT on incoming > email.? What I mean is, if I send a test email to the server that has > Dovecot installed, the mess...

How do I enable the mail-crypt-plugin globally? Do I have to place 'mail_plugins = $mail_plugins mail_crypt' inside ever conf.d file where there is a protocol code block? Like for example the protocol lda codeblock in 15-lda.conf and the protocol imap codeblock in 20-imap.conf I placed 'mail_plugins = $mail_plugins mail_crypt' in 20-lmtp.conf inside the protocol lmtp code block, and the actu...

On 29. Mar 2020, at 17.07, Timo Sirainen <timo at sirainen.com> wrote: > >> This is what the log says in the moment of crashing: >> dovecot: lmtp(53852): Panic: Module context mail_crypt_user_module missing >> *** backtrace *** (see: https://pastebin.com/YCiFtxmy) > > It shows mailbox_free() in the backtrace, so it's probably crashing in mail_crypt_mailbox_close()'s MAIL_CRYPT_CONTEXT(box). But looking at the code, I can't see how that could be possible. Ma...

...ttributes > dovecot.conf Apparently so?)) ----- ???????? ????????? ----- > ??: "Evgeniy Korneechev" <ekorneechev at altlinux.org> > ????: "dovecot" <dovecot at dovecot.org> > ????????????: ???????, 17 ?????? 2017 ? 17:32:38 > ????: Re: Plugin "mail_crypt" does not work > Hi, guys. Also, currently a problem (with > http://wiki2.dovecot.org/Plugins/MailCrypt#EC_key): > > # dovecot mailbox cryptokey generate -u name at example.com -UR > doveadm(name at example.com): Error: > mail_crypt_user_get_public_key(name at example.com)...

Hi, i have a problem. I sent test e-mail. It is in folder "Sent", but it was not delivered (folder "Inbox" is empty). /var/log/dovecot: ......... lda(mail at example.com): Error: User initialization failed: mail_crypt_plugin: mail_crypt_global_public_key: Couldn't parse public key: Unknown key format ......... Try RSA and EC: https://wiki2.dovecot.org/Plugins/MailCrypt#RSA_key https://wiki2.dovecot.org/Plugins/MailCrypt#EC_key Why "Unknown key format"? RSA pubkey: -----BEGIN PUBLIC KEY----- MIG...

Hi! Some replies: 1. the problem with mail_crypt_global_public_key, there is a bug that we are fixing where file inputs under plugin { } section do not get aboard. workaround 1: You can base64 encode the PEM key (yes, again), and put it in one line such as plugin { mail_crypt_global_public_key = LS0tLS1C..... } workaround 2: Return the key...

> Wiadomo?? napisana przez Aki Tuomi <aki.tuomi at dovecot.fi> w dniu 06.11.2017, o godz. 08:44: > > On 04.11.2017 20:52, Zbyszek ???kiewski wrote: >> Hi, >> >> I have few questions regarding mail_crypt: >> >> 1) Is mail_crypt_global_private_key file read upon dovecot start/restart only or it is/can be read in any other time? I have made few tests by starting dovecot and removing master key for decryption - therefore it is not available on the platform - it only reside in memory, remo...

Hi, guys. Also, currently a problem (with http://wiki2.dovecot.org/Plugins/MailCrypt#EC_key): # dovecot mailbox cryptokey generate -u name at example.com -UR doveadm(name at example.com): Error: mail_crypt_user_get_public_key(name at example.com) failed: mailbox_attribute_get(INBOX, /shared/vendor/vendor.dovecot/pvt/server/vendor/vendor.dovecot/pvt/crypt/active) failed: Mailbox attributes not enabled Something is wrong in the settings? Or bug? The same error in log when sending emails (with http...

On 04.11.2017 20:52, Zbyszek ???kiewski wrote: > Hi, > > I have few questions regarding mail_crypt: > > 1) Is mail_crypt_global_private_key file read upon dovecot start/restart only or it is/can be read in any other time? I have made few tests by starting dovecot and removing master key for decryption - therefore it is not available on the platform - it only reside in memory, removing one...

...n 06.11.2017 13:20, Zbyszek ???kiewski wrote: > >> Wiadomo?? napisana przez Aki Tuomi <aki.tuomi at dovecot.fi> w dniu 06.11.2017, o godz. 08:44: >> >> On 04.11.2017 20:52, Zbyszek ???kiewski wrote: >>> Hi, >>> >>> I have few questions regarding mail_crypt: >>> >>> 1) Is mail_crypt_global_private_key file read upon dovecot start/restart only or it is/can be read in any other time? I have made few tests by starting dovecot and removing master key for decryption - therefore it is not available on the platform - it only reside in memor...

Hi, What would be a good backup method for mail stored encrypted with mail_crypt per user(folder). As the administrator does not have the key (the user has) i'm thinking: - the user must backup his/her email via the mail client, but as an admin you want to be able to restore mail when needed on the server itself or on a new server. - the admin creates a backup of the vma...

...he mail and encrypted symmetric key from server into local and decrypts it using local private key. > You probably want to use PGP then. > Instead of 1 and 2, the way like "the dovecot generates all 3 and removes only private key", can be considered with docker image deployment. mail_crypt plugin is primarily intended to protect storage medium, and not end user as such. While it does support this, it's not perfect tool for it, and can be bit difficult to set up. Dovecot does not support client-supplied private keys. > > Is it possible with mail_crypt? > > narangd &...