similar to: bash script hook lda_mailbox_autocreate for generate mail-crypt user encrypted private key with user password

> Technically creating and encrypting folder key does not > require decrypting user's private key. All folder keys > are encrypted with user's public key. Problem is for that this is a new user. The new user has no private key. I need for generating that private key. It do not the sense encrypts something using a key public if there is no private key. Both key public and private

<!doctype html> <html> <head> <meta charset="UTF-8"> </head> <body> <div> Technically creating and encrypting folder key does not require decrypting user's private key. All folder keys are encrypted with user's public key. </div> <div> <br> </div> <div> Aki </div>

<!doctype html> <html> <head> <meta charset="UTF-8"> </head> <body> <div> It's a known issue that the password will be set to silly value, most likely 'yes'. </div> <div> <br> </div> <div> You should generate the user key during provisioning with `doveadm cryptokey generate -Uu

Hello, Can the mail_crypt "folder keys" feature be used with encrypted user keys in passwd-file without sql database? It seems that there is no guide in the docs. Best regards, narangd -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://dovecot.org/pipermail/dovecot/attachments/20200805/1878e415/attachment.html>

??????? Original Message ??????? On Tuesday, July 2, 2019 6:32 PM, Aki Tuomi via dovecot <dovecot at dovecot.org> wrote: > I don't actually recommend using password directly from user as password for private keys, I recommend running them thru some hash / pkcs5 before that. That's a great idea and makes things even safer. I don't know much about PKCS5 but would SHA512 also

So I believe I generated a key successfully with: 'doveadm mailbox cryptokey generate -u user -UR' because I got the output with the check mark and the Public ID string of characters. However I still can't read the CRYPTED emails when logging in with IMAP.. i'm still getting the following error in the mail log: Error: read() failed: read(/var/vmail/[domain .

Aki really thanks for reply,, I hope for continue the conversation, >> Do you have advice about Dovecot plugins for mail encryption: >> >> https://wiki2.dovecot.org/Plugins/MailCrypt >> https://0xacab.org/riseuplabs/trees >> >> I like NaCL based encryption but the MailCrypt plugin is better >> because it's maintained by Dovecot developers (is this

Hi everyone, I'm trying to configure my email server to encrypt mails on a per user basis. I have the following in my conf: mail_plugins = $mail_plugins mail_crypt mail_attribute_dict = file:%h/Mail/dovecot-attributes plugin { mail_crypt_curve = secp521r1 mail_crypt_save_version = 2 mail_crypt_require_encrypted_user_key = yes mail_crypt_private_password =

Hai, Do you have advice about Dovecot plugins for mail encryption: https://wiki2.dovecot.org/Plugins/MailCrypt https://0xacab.org/riseuplabs/trees I like NaCL based encryption but the MailCrypt plugin is better because it's maintained by Dovecot developers (is this correct?) Hard to understand MailCrypt docs so may I ask, may I provide per user encryption? I don't like global

An HTML attachment was scrubbed... URL: <https://dovecot.org/pipermail/dovecot/attachments/20230304/a3753b6e/attachment-0001.htm>

An HTML attachment was scrubbed... URL: <https://dovecot.org/pipermail/dovecot/attachments/20230305/f943341b/attachment-0001.htm>

Hello, I am using the mail_crypt plugin with Dovecot 2.3 and have issues trying to use a mail crypt private password which contains a percent "%" character as you can see below: $ doveadm -o plugin/mail_crypt_private_password=SomethingWith\%Percent mailbox cryptokey generate -u email at domain.tld -URf doveadm(email at domain.tld): Error: Failed to expand plugin setting

> On 04/10/2019 21:34 Asai via dovecot <dovecot at dovecot.org> wrote: > > > On 10/4/2019 12:58 AM, Sami Ketola via dovecot wrote: > > > It depends heavily on how do you add users to your system. If you are using LDAP to store the user information then you can create the home directory at the same time you add the user to ldap. > > > > Sami >

So when I tried this way I got the following output: user'@'host:~$ doveadm -o plugin/mail_crypt_private_password=desired_password mailbox > cryptokey generate -u user -UR user'@'host:~$ And when I tried this way I got the following output: user'@'host:~$doveadm -o plugin/mail_crypt_private_password=desired_password mailbox cryptokey generate -u user -UR Folder

> Can you try > > doveadm -o plugin/mail_crypt_private_password=desired_password mailbox > cryptokey generate -u user -UR > > Aki I tried that and got the following: user at host:~$ doveadm -o plugin/mail_crypt_private_password=desired_password mailbox > cryptokey generate -u user -UR Folder Public ID user at host:~$ Then I sent a new email to the mail server, and I

On 27.05.2018 21:16, mail at sjemm.net wrote: > May 27, 2018 8:52 AM, "Aki Tuomi" <aki.tuomi at dovecot.fi> wrote: >>> On 26 May 2018 at 10:36 mail at sjemm.net wrote: >>> >>> May 23, 2018 10:10 AM, mail at sjemm.net wrote: >>> May 23, 2018 9:46 AM, "Aki Tuomi" <aki.tuomi at dovecot.fi> wrote: >>> >>> On

> On 26 May 2018 at 10:36 mail at sjemm.net wrote: > > > May 23, 2018 10:10 AM, mail at sjemm.net wrote: > > May 23, 2018 9:46 AM, "Aki Tuomi" <aki.tuomi at dovecot.fi> wrote: > > > >> On 23.05.2018 10:15, mail at sjemm.net wrote: > >> > >>> May 23, 2018 8:31 AM, "Aki Tuomi" <aki.tuomi at dovecot.fi> wrote:

Hello Community, (sorry to be more busy, hence more running questions in parallel :) ) As mentioned in another post, I am testing mail_crypt plugin. I was wondering how to really secure the process sothat even the admin cannot have any access to the other users mail content. My current config is simple: - using per-folder keys (hence the per-user spaces are preserved) - put the

On 23.05.2018 10:15, mail at sjemm.net wrote: > May 23, 2018 8:31 AM, "Aki Tuomi" <aki.tuomi at dovecot.fi> wrote: >> On 23.05.2018 09:13, mail at sjemm.net wrote: >> >>> May 20, 2018 8:01 PM, mail at sjemm.net wrote: >>>> May 20, 2018 2:47 PM, "Aki Tuomi" <aki.tuomi at dovecot.fi> wrote: >>> On 19 May 2018 at 16:40 mail