similar to: [mail-crypt-plugin] Private key location in Folder Key Mode

So when I tried this way I got the following output: user'@'host:~$ doveadm -o plugin/mail_crypt_private_password=desired_password mailbox > cryptokey generate -u user -UR user'@'host:~$ And when I tried this way I got the following output: user'@'host:~$doveadm -o plugin/mail_crypt_private_password=desired_password mailbox cryptokey generate -u user -UR Folder

> Can you try > > doveadm -o plugin/mail_crypt_private_password=desired_password mailbox > cryptokey generate -u user -UR > > Aki I tried that and got the following: user at host:~$ doveadm -o plugin/mail_crypt_private_password=desired_password mailbox > cryptokey generate -u user -UR Folder Public ID user at host:~$ Then I sent a new email to the mail server, and I

So I believe I generated a key successfully with: 'doveadm mailbox cryptokey generate -u user -UR' because I got the output with the check mark and the Public ID string of characters. However I still can't read the CRYPTED emails when logging in with IMAP.. i'm still getting the following error in the mail log: Error: read() failed: read(/var/vmail/[domain .

Hi, I have setup up a simple mail server using the ISPMail tutorial and I'm trying to learn how to create email encryption at rest. I'm having a tough time understanding how to set this up... So say a user logins thru roundcube and they type in their password...so the password authenticates to the mysql database which is storing their encrypted private key?? And once they access that

Hi, So I am able to encrypt email using the crypt plugin, but when I try to access the email by logging in thru mutt or roundcube the email is still encrypted. Is the decryption process automatic or do I have to create a custom program with the decrypt.rb code? Thanks. Sent with [ProtonMail](https://protonmail.com) Secure Email. -------------- next part -------------- An HTML attachment was

How do I enable the mail-crypt-plugin globally? Do I have to place 'mail_plugins = $mail_plugins mail_crypt' inside ever conf.d file where there is a protocol code block? Like for example the protocol lda codeblock in 15-lda.conf and the protocol imap codeblock in 20-imap.conf I placed 'mail_plugins = $mail_plugins mail_crypt' in 20-lmtp.conf inside the protocol lmtp code block,

Nice. It worked but I think there is a little output error (probably not a big issue): When I type the following command I get this output: user'@'host:~$ doveadm -o plugin/mail_crypt_private_private_password=1234 mailbox cryptokey export -u username -U /var/vmail/domain/username/Maildir/dovecot-attributes Folder: Public ID: <Public key ID> Error: -----BEGIN PRIVATE KEY-----

t_strftime and variants now .......................................... : ok test-time-util.c:123: Assert failed: strcmp(t_strftime(RFC2822_FMT, gmtime(&ts)), exp) == 0 test-time-util.c:124: Assert failed: strcmp(t_strfgmtime(RFC2822_FMT, ts), exp) == 0 t_strftime and variants fixed timestamp .............................. : FAILED timings 0

What it is way most best for causing bash script run (as root) of time mailbox created (lda_mailbox_autocreate)? I use dovecot 2.3.4.1 in Debian 10. And I use of mail-crypt-plugin https://doc.dovecot.org/configuration_manual/mail_crypt_plugin/ I setup mail-crypt for requiring user encrypted EC key (mail_crypt_require_encrypted_user_key = yes). I want for passphrase encrypt EC key using client

Standard way to fix it (on the LibreSSL page) is to check for LIBRESSL_VERSION_NUMBER - e.g. the patch attached which I think catches them all where needed. Note the word think. It certainly appears to be working anyway with it. On 11/02/2016 04:07 AM, Aki Tuomi wrote: > After doing some testing by myself, I noticed that libressl, for some > unknown reason, defines > > #define

Timo, re: What OS is this? OS 10.12.3 with Xcode 8.2.1 and the official clang 3.9.0 re: test-time-util.c t_strftime and variants now .......................................... : ok Info: 'Thu, 08 Dec 2016 18:42:16 +0100' test-time-util.c:124: Assert failed: strcmp(t_strftime(RFC2822_FMT, gmtime(&ts)), exp) == 0 Info: 'Thu, 08 Dec 2016 18:42:16 +0100'

> Technically creating and encrypting folder key does not > require decrypting user's private key. All folder keys > are encrypted with user's public key. Problem is for that this is a new user. The new user has no private key. I need for generating that private key. It do not the sense encrypts something using a key public if there is no private key. Both key public and private

If the standard way works, I am happy to include the original patch I sent, amended so that it checks for presence of LIBRESSL_VERSION_NUMBER. If they keep this promise, then we should have no worries about things breaking up. Aki On 02.11.2016 14:24, Michael A. Peters wrote: > Indeed, which is why I use it. > > But it also is in the minority which is why I find it acceptable for

>> Can you try >> >> doveadm -o plugin/mail_crypt_private_password=desired_password mailbox > cryptokey generate -u user -UR >> >> Aki > > I tried that and got the following: > > [user at host](https://dovecot.org/mailman/listinfo/dovecot) :~$ doveadm -o plugin/mail_crypt_private_password=desired_password mailbox > cryptokey generate -u user

> Can you try rm dovecot-attributes file? Okay it worked. I kinda did that by 'rm -rf' the entire /var/vmail/domain, and then I ran the following: doveadm -o plugin/mail_crypt_private_password=desired_password mailbox cryptokey generate -u user -UR And I got the check mark and the ID string of characters. I sent a new email to the server, and was able to open and read the email =)

> On 1 Mar 2018, at 5:56 pm, Aki Tuomi <aki.tuomi at dovecot.fi <mailto:aki.tuomi at dovecot.fi>> wrote: > > > > On 01.03.2018 07:34, James Brown wrote: >> On 1 Mar 2018, at 4:09 pm, Aki Tuomi <aki.tuomi at dovecot.fi <mailto:aki.tuomi at dovecot.fi>> wrote: >>> >>> >>> What SSL library and version? >>> ---

Have tried 2.3.0, 2.3.0.1 & 2.2.34. Compile is failing for me. ./configure --with-mysql --with-ssl=openssl: ... checking for SSL_read in -lssl... yes checking openssl/ssl.h usability... yes checking openssl/ssl.h presence... yes checking for openssl/ssl.h... yes checking openssl/err.h usability... yes checking openssl/err.h presence... yes checking for openssl/err.h... yes checking if

On 1 Mar 2018, at 4:09 pm, Aki Tuomi <aki.tuomi at dovecot.fi <mailto:aki.tuomi at dovecot.fi>> wrote: > > >> On 01 March 2018 at 06:21 James Brown < jlbrown at bordo.com.au <mailto:jlbrown at bordo.com.au>> wrote: >> >> >> Have tried 2.3.0, 2.3.0.1 & 2.2.34. >> >> Compile is failing for me. >> >> ./configure

Hi! Those are used if #if OPENSSL_VERSION_NUMBER >= 0x10100000L So (your) libressl is providing this define. We compile our code using GCC and CLANG regularly, with OpenSSL v1.0.x which is the currently officially supported one. Aki On 02.11.2016 12:34, Ruga wrote: > dovecot 2.2.26.0 uses the following functions, which are not available on libressl 2.4.3: > > HMAC_CTX_new >

They have stated they are going to remain API compatible with 1.0.1h (or g, forget which they forked) - their new stuff is outside of libcrypto. On 11/02/2016 04:25 AM, Aki Tuomi wrote: > It does work today, I am just bit worried that it will keep on breaking > with libressl as they evolve their API. I would personally like to avoid > more ifdef hell if possible... > > Aki >