similar to: question about Mailcrypt plugin

Do I have to replace the "password" part with the actual password or can I just copy it like that? Will dovecot create the keypair automatically or do I have to use doveadm? 4. Sep. 2019, 08:33 von aki.tuomi at open-xchange.com: > > > > On 4.9.2019 9.21, **** **** via dovecot wrote: > >> Hello there, >> >> is there a way to make the

Is any of the password schemes supported or is there a reason you chose pkcs5? 4. Sep. 2019, 08:45 von aki.tuomi at open-xchange.com: > > It should pick up the password used by the user, there is a caveat here though. The keypair is created on first use, so password will be initialized to empty string going thru pkcs5. This is slightly inconvenient. > > > To avoid

Hello there, is there a way to make the mailcrypt plugin use the user's password or at least store it in a hashed value? I'm using a passwd file for authentication. I feel uncomfortable saving the private password in plaintext in that file. Regards -------------- next part -------------- An HTML attachment was scrubbed... URL:

<!doctype html> <html> <head> <meta charset="UTF-8"> </head> <body> <div> <br> </div> <blockquote type="cite"> <div> On 14/09/2019 16:08 Daniel Niewerth via dovecot < <a href="mailto:dovecot@dovecot.org">dovecot@dovecot.org</a>> wrote: </div>

Aki really thanks for reply,, I hope for continue the conversation, >> Do you have advice about Dovecot plugins for mail encryption: >> >> https://wiki2.dovecot.org/Plugins/MailCrypt >> https://0xacab.org/riseuplabs/trees >> >> I like NaCL based encryption but the MailCrypt plugin is better >> because it's maintained by Dovecot developers (is this

Hai, Do you have advice about Dovecot plugins for mail encryption: https://wiki2.dovecot.org/Plugins/MailCrypt https://0xacab.org/riseuplabs/trees I like NaCL based encryption but the MailCrypt plugin is better because it's maintained by Dovecot developers (is this correct?) Hard to understand MailCrypt docs so may I ask, may I provide per user encryption? I don't like global

mail_attribute_dict = file:%h/Maildir/dovecot-attributes > dovecot.conf Apparently so?)) ----- ???????? ????????? ----- > ??: "Evgeniy Korneechev" <ekorneechev at altlinux.org> > ????: "dovecot" <dovecot at dovecot.org> > ????????????: ???????, 17 ?????? 2017 ? 17:32:38 > ????: Re: Plugin "mail_crypt" does not work > Hi, guys. Also,

Hello, I am testing mail_crypt plugin with per account encryption and wanted to generate a new keypair for an account but noticed that I now end up with 2 keypairs where one is active and the other inactive as you can see below: $ doveadm mailbox cryptokey list -u email at domain.tld -U Folder Active Public ID yes 7b140b4f3d6d68eed2c59259ac5e6f6a280dc82990292dc415b4100d6c797f67

Hi everybody, I run two redundant Dovecot servers with a shared Maildir on a GlusterFS volume and a SQL authentication backend based on a mirrored MariaDB database. Because of the splitbrain situation I would like to add two Dovecot Director as proxies. Since a few days I am trying to get the setup running. In the meantime I have achieved that the clients can successfully authenticate on the

> On 11 April 2019 00:49 David Salisbury via dovecot <dovecot at dovecot.org> wrote: > > > >>> > >> Yes. I gave it a try here, and it seems to work. Does it give any extra > >> information if you include -i flag? > >> > >> Aki > >> > > > > Yes, I had tried that, and it doesn't give much extra information, at

??????? Original Message ??????? On Thursday, July 4, 2019 11:17 AM, @lbutlr via dovecot <dovecot at dovecot.org> wrote: > > Is it possible to delete the inactive keypair? if yes how? > > Wouldn?t you then be unable to *unencrypt* previous emails? That's also what I thought but based on my understand and on the documentation of the "mailbox cryptokey generate"

It should pick up the password used by the user, there is a caveat here though. The keypair is created on first use, so password will be initialized to empty string going thru pkcs5. This is slightly inconvenient. To avoid this, you should probably have protocol imap { ??? passdb { ????? driver = static ????? args = userdb_mail_crypt_private_password=%{pkcs5,salt=%u,format=base64:password} }

> Technically creating and encrypting folder key does not > require decrypting user's private key. All folder keys > are encrypted with user's public key. Problem is for that this is a new user. The new user has no private key. I need for generating that private key. It do not the sense encrypts something using a key public if there is no private key. Both key public and private

Hi, I try to use the MailCrypt plugin with Floder encryption and encrypted user keys, using LDAP. I use Dovecot 2.2.27 (c0f36b0) I follow the wiki: https://wiki2.dovecot.org/Plugins/MailCrypt doveconf -n and dovecot-ldap.conf.ext attached to this message. I well configured slapd to let dovecot's dn query the userPassword (hashed password SSHA). I use fusiondirectory-mail plugin:

Hi, I just tried to generate keys for tinc. /usr/sbin/tinc generate-keys When generating the key, the rsa key are generated. But ik get de following error, what does it means. Generating ECDSA keypair: Generating EC key failed: error:100AE081:elliptic curve routines:EC_GROUP_new_by_curve_name:unknown groupError during key generation! Perry

What it is way most best for causing bash script run (as root) of time mailbox created (lda_mailbox_autocreate)? I use dovecot 2.3.4.1 in Debian 10. And I use of mail-crypt-plugin https://doc.dovecot.org/configuration_manual/mail_crypt_plugin/ I setup mail-crypt for requiring user encrypted EC key (mail_crypt_require_encrypted_user_key = yes). I want for passphrase encrypt EC key using client

> On 11 April 2019 17:44 David Salisbury via dovecot <dovecot at dovecot.org> wrote: > > > On 4/11/2019 1:50 AM, Aki Tuomi wrote: > > > >> ... > >> So, not being an expert at encryption, what are the ramifications of > >> those digests being read as different values in the two different > >> places???? I do notice that the

Does the version of OpenSSL on Centos 6.5 support ECDSA keypairs? How do I test if this works? (though I should probably ask this on the OpenSSL list) The reason I suspect a problem is that HIPL for Centos (http://infrahip.hiit.fi/) is not creating the ECDSA Host Identity, whereas my Fedora installation IS creating the ECDSA HI.

We tried these rights: [root at mail44 dovecot]# ls -la ????? 80 drwxr-xr-x 8 root root 4096 ??? 13 13:17 . drwxr-xr-x 98 root root 12288 ??? 11 11:47 .. drwxrwxrwx 2 root root 4096 ??? 10 15:58 eckey drwxr-xr-x 2 root root 4096 ??? 13 12:42 eckey2 drwxr-xr-x 2 vmail vmail 4096 ??? 11 09:14 RSAkey [root at mail44 dovecot]# cd eckey2 [root at mail44 eckey2]# ls -la ????? 16