similar to: [mail-crypt-plugin] Password Query for Folder Keys questions

So when I tried this way I got the following output: user'@'host:~$ doveadm -o plugin/mail_crypt_private_password=desired_password mailbox > cryptokey generate -u user -UR user'@'host:~$ And when I tried this way I got the following output: user'@'host:~$doveadm -o plugin/mail_crypt_private_password=desired_password mailbox cryptokey generate -u user -UR Folder

> Can you try > > doveadm -o plugin/mail_crypt_private_password=desired_password mailbox > cryptokey generate -u user -UR > > Aki I tried that and got the following: user at host:~$ doveadm -o plugin/mail_crypt_private_password=desired_password mailbox > cryptokey generate -u user -UR Folder Public ID user at host:~$ Then I sent a new email to the mail server, and I

>> Can you try >> >> doveadm -o plugin/mail_crypt_private_password=desired_password mailbox > cryptokey generate -u user -UR >> >> Aki > > I tried that and got the following: > > [user at host](https://dovecot.org/mailman/listinfo/dovecot) :~$ doveadm -o plugin/mail_crypt_private_password=desired_password mailbox > cryptokey generate -u user

So I believe I generated a key successfully with: 'doveadm mailbox cryptokey generate -u user -UR' because I got the output with the check mark and the Public ID string of characters. However I still can't read the CRYPTED emails when logging in with IMAP.. i'm still getting the following error in the mail log: Error: read() failed: read(/var/vmail/[domain .

Please disregard the previous question. But I have another... I have set up Folder Key encryption, and have sent an email to my mail server which is CRYPTED, however when I try to login to read the email I'm getting a 'Private key not available: Cannot decrypt <...>: error:03070068:bignum routines:BN_mpi2bn:encoding error'. I've tried to list the user key and generate a new

mail_crypt_private_password cannot be hashed, as it's used to encrypt the key. Aki > On 06/08/2020 10:06 secure.light.0417.road <secure.light.0417.road at protonmail.com> wrote: > > > I've tried to append the field "userdb_mail_crypt_private_password=<same-hashed-password-in-passwd-file>" to the end of each user line in userdb as passwd-file. And use

Hi, So I am trying to locate the private key in dovecot-attributes but I can't seem to find it. I have went thru the strings in the file with the lib-dcrypt document as a guide but the private key doesn't seem to be in there. I'm guessing the private key is an internal attribute located here '/private/vendor/vendor.dovecot/pvt' , but according to the mail-attribute.h file

<!doctype html> <html> <head> <meta charset="UTF-8"> </head> <body> <div> Technically creating and encrypting folder key does not require decrypting user's private key. All folder keys are encrypted with user's public key. </div> <div> <br> </div> <div> Aki </div>

<!doctype html> <html> <head> <meta charset="UTF-8"> </head> <body> <div> It's a known issue that the password will be set to silly value, most likely 'yes'. </div> <div> <br> </div> <div> You should generate the user key during provisioning with `doveadm cryptokey generate -Uu

Nice. It worked but I think there is a little output error (probably not a big issue): When I type the following command I get this output: user'@'host:~$ doveadm -o plugin/mail_crypt_private_private_password=1234 mailbox cryptokey export -u username -U /var/vmail/domain/username/Maildir/dovecot-attributes Folder: Public ID: <Public key ID> Error: -----BEGIN PRIVATE KEY-----

What it is way most best for causing bash script run (as root) of time mailbox created (lda_mailbox_autocreate)? I use dovecot 2.3.4.1 in Debian 10. And I use of mail-crypt-plugin https://doc.dovecot.org/configuration_manual/mail_crypt_plugin/ I setup mail-crypt for requiring user encrypted EC key (mail_crypt_require_encrypted_user_key = yes). I want for passphrase encrypt EC key using client

On 27.05.2018 21:16, mail at sjemm.net wrote: > May 27, 2018 8:52 AM, "Aki Tuomi" <aki.tuomi at dovecot.fi> wrote: >>> On 26 May 2018 at 10:36 mail at sjemm.net wrote: >>> >>> May 23, 2018 10:10 AM, mail at sjemm.net wrote: >>> May 23, 2018 9:46 AM, "Aki Tuomi" <aki.tuomi at dovecot.fi> wrote: >>> >>> On

> On 26 May 2018 at 10:36 mail at sjemm.net wrote: > > > May 23, 2018 10:10 AM, mail at sjemm.net wrote: > > May 23, 2018 9:46 AM, "Aki Tuomi" <aki.tuomi at dovecot.fi> wrote: > > > >> On 23.05.2018 10:15, mail at sjemm.net wrote: > >> > >>> May 23, 2018 8:31 AM, "Aki Tuomi" <aki.tuomi at dovecot.fi> wrote:

> Technically creating and encrypting folder key does not > require decrypting user's private key. All folder keys > are encrypted with user's public key. Problem is for that this is a new user. The new user has no private key. I need for generating that private key. It do not the sense encrypts something using a key public if there is no private key. Both key public and private

On 23.05.2018 10:15, mail at sjemm.net wrote: > May 23, 2018 8:31 AM, "Aki Tuomi" <aki.tuomi at dovecot.fi> wrote: >> On 23.05.2018 09:13, mail at sjemm.net wrote: >> >>> May 20, 2018 8:01 PM, mail at sjemm.net wrote: >>>> May 20, 2018 2:47 PM, "Aki Tuomi" <aki.tuomi at dovecot.fi> wrote: >>> On 19 May 2018 at 16:40 mail

On 23.05.2018 09:13, mail at sjemm.net wrote: > May 20, 2018 8:01 PM, mail at sjemm.net wrote: >> May 20, 2018 2:47 PM, "Aki Tuomi" <aki.tuomi at dovecot.fi> wrote: >> >>>> On 19 May 2018 at 16:40 mail at sjemm.net wrote: >>>> >>>> May 18, 2018 10:01 PM, "Aki Tuomi" <aki.tuomi at dovecot.fi> wrote: >>>>

How do I enable the mail-crypt-plugin globally? Do I have to place 'mail_plugins = $mail_plugins mail_crypt' inside ever conf.d file where there is a protocol code block? Like for example the protocol lda codeblock in 15-lda.conf and the protocol imap codeblock in 20-imap.conf I placed 'mail_plugins = $mail_plugins mail_crypt' in 20-lmtp.conf inside the protocol lmtp code block,

In Folder key plugin operation mode, using the following password query: password_query = SELECT \ email as user, password, \ '%w' AS userdb_mail_crypt_private_password \ FROM virtual_users WHERE email='%u'; Say I have two 'email' users...will each 'email' have a 'userdb_mail_crypt_private_password' field with a plaintext password (%w) in it? And is the

Hello everyone, I successfully set up the mail_crypt plugin using folder keys, and require user's key to be encrypted with a password using mail_crypt_require_encrypted_user_key = yes. As I'm trying to streamline the process of creating a user, and want to develop an application in PHP to help me in that process, I'm very interested in the doveadm HTTP API. Although the

Hello, I am using the mail_crypt plugin with Dovecot 2.3 and have issues trying to use a mail crypt private password which contains a percent "%" character as you can see below: $ doveadm -o plugin/mail_crypt_private_password=SomethingWith\%Percent mailbox cryptokey generate -u email at domain.tld -URf doveadm(email at domain.tld): Error: Failed to expand plugin setting