similar to: mail_crypt: multiple keypairs

??????? Original Message ??????? On Thursday, July 4, 2019 11:17 AM, @lbutlr via dovecot <dovecot at dovecot.org> wrote: > > Is it possible to delete the inactive keypair? if yes how? > > Wouldn?t you then be unable to *unencrypt* previous emails? That's also what I thought but based on my understand and on the documentation of the "mailbox cryptokey generate"

mail_attribute_dict = file:%h/Maildir/dovecot-attributes > dovecot.conf Apparently so?)) ----- ???????? ????????? ----- > ??: "Evgeniy Korneechev" <ekorneechev at altlinux.org> > ????: "dovecot" <dovecot at dovecot.org> > ????????????: ???????, 17 ?????? 2017 ? 17:32:38 > ????: Re: Plugin "mail_crypt" does not work > Hi, guys. Also,

Aki really thanks for reply,, I hope for continue the conversation, >> Do you have advice about Dovecot plugins for mail encryption: >> >> https://wiki2.dovecot.org/Plugins/MailCrypt >> https://0xacab.org/riseuplabs/trees >> >> I like NaCL based encryption but the MailCrypt plugin is better >> because it's maintained by Dovecot developers (is this

> Technically creating and encrypting folder key does not > require decrypting user's private key. All folder keys > are encrypted with user's public key. Problem is for that this is a new user. The new user has no private key. I need for generating that private key. It do not the sense encrypts something using a key public if there is no private key. Both key public and private

On 3 Jul 2019, at 06:38, mabi via dovecot <dovecot at dovecot.org> wrote: > Is it possible to delete the inactive keypair? if yes how? Wouldn?t you then be unable to encrypt previous emails?

Hi! Some replies: 1. the problem with mail_crypt_global_public_key, there is a bug that we are fixing where file inputs under plugin { } section do not get aboard. workaround 1: You can base64 encode the PEM key (yes, again), and put it in one line such as plugin { mail_crypt_global_public_key = LS0tLS1C..... } workaround 2: Return the key from userdb, you can use same format. 3. The

Hai, Do you have advice about Dovecot plugins for mail encryption: https://wiki2.dovecot.org/Plugins/MailCrypt https://0xacab.org/riseuplabs/trees I like NaCL based encryption but the MailCrypt plugin is better because it's maintained by Dovecot developers (is this correct?) Hard to understand MailCrypt docs so may I ask, may I provide per user encryption? I don't like global

We tried these rights: [root at mail44 dovecot]# ls -la ????? 80 drwxr-xr-x 8 root root 4096 ??? 13 13:17 . drwxr-xr-x 98 root root 12288 ??? 11 11:47 .. drwxrwxrwx 2 root root 4096 ??? 10 15:58 eckey drwxr-xr-x 2 root root 4096 ??? 13 12:42 eckey2 drwxr-xr-x 2 vmail vmail 4096 ??? 11 09:14 RSAkey [root at mail44 dovecot]# cd eckey2 [root at mail44 eckey2]# ls -la ????? 16

Hello, I am using the mail_crypt plugin with Dovecot 2.3 and have issues trying to use a mail crypt private password which contains a percent "%" character as you can see below: $ doveadm -o plugin/mail_crypt_private_password=SomethingWith\%Percent mailbox cryptokey generate -u email at domain.tld -URf doveadm(email at domain.tld): Error: Failed to expand plugin setting

What it is way most best for causing bash script run (as root) of time mailbox created (lda_mailbox_autocreate)? I use dovecot 2.3.4.1 in Debian 10. And I use of mail-crypt-plugin https://doc.dovecot.org/configuration_manual/mail_crypt_plugin/ I setup mail-crypt for requiring user encrypted EC key (mail_crypt_require_encrypted_user_key = yes). I want for passphrase encrypt EC key using client

Hi, I try to use the MailCrypt plugin with Floder encryption and encrypted user keys, using LDAP. I use Dovecot 2.2.27 (c0f36b0) I follow the wiki: https://wiki2.dovecot.org/Plugins/MailCrypt doveconf -n and dovecot-ldap.conf.ext attached to this message. I well configured slapd to let dovecot's dn query the userPassword (hashed password SSHA). I use fusiondirectory-mail plugin:

Hi everybody, I have a question about the Dovecot Mailcrypt Plugin. I'm trying to understand what the security of this plugin is based on. The encryption with private and public key and elliptic curves is basically a good thing. But the keys are in the file system together with the encrypted mails. The passwords for the private keys are in the user database. I guess the passwords have to

Hello everyone, I successfully set up the mail_crypt plugin using folder keys, and require user's key to be encrypted with a password using mail_crypt_require_encrypted_user_key = yes. As I'm trying to streamline the process of creating a user, and want to develop an application in PHP to help me in that process, I'm very interested in the doveadm HTTP API. Although the

Hi, we have a problem. Command "doveadm mailbox cryptokey" does not work: # doveadm mailbox cryptokey usage: doveadm [-Dv] [-f <formatter>] mailbox <command> [<args>] create [-u <user>|-A] [-S <socket_path>] [-s] [-g <guid>] <mailbox> [...] delete [-u <user>|-A] [-S <socket_path>] [-e] [-r] [-s] [-Z] <mailbox>

Do I have to replace the "password" part with the actual password or can I just copy it like that? Will dovecot create the keypair automatically or do I have to use doveadm? 4. Sep. 2019, 08:33 von aki.tuomi at open-xchange.com: > > > > On 4.9.2019 9.21, **** **** via dovecot wrote: > >> Hello there, >> >> is there a way to make the

Is any of the password schemes supported or is there a reason you chose pkcs5? 4. Sep. 2019, 08:45 von aki.tuomi at open-xchange.com: > > It should pick up the password used by the user, there is a caveat here though. The keypair is created on first use, so password will be initialized to empty string going thru pkcs5. This is slightly inconvenient. > > > To avoid

Hi, guys. Also, currently a problem (with http://wiki2.dovecot.org/Plugins/MailCrypt#EC_key): # dovecot mailbox cryptokey generate -u name at example.com -UR doveadm(name at example.com): Error: mail_crypt_user_get_public_key(name at example.com) failed: mailbox_attribute_get(INBOX, /shared/vendor/vendor.dovecot/pvt/server/vendor/vendor.dovecot/pvt/crypt/active) failed: Mailbox attributes not

Quoting tai74 at vfemail.net: > Aki really thanks for reply,, I hope for continue the conversation, > >>> Do you have advice about Dovecot plugins for mail encryption: >>> >>> https://wiki2.dovecot.org/Plugins/MailCrypt >>> https://0xacab.org/riseuplabs/trees >>> >>> I like NaCL based encryption but the MailCrypt plugin is better

Hi, i have two questions about using "folder keys" for encryption: 1. If i use this method how can i decrypt files manually? 2. If move a letter to another folder (or remove it), it will be unreadable. Log: imap(cloud): Error: read() failed: read(/home/cloud/Maildir/.Sent.test/cur/1485528498.M838579P2267....) failed: Decryption error: no private key available (uid=5, box=Sent.test,