similar to: encrypted storage on the fly using user's password without storing password on the server

Bump? Nobody using mail-crypt right now (with user keys encrypted by user's password to work transparently from, say, Thunderbird) who could share their config? On 12/02/2020 11:54 pm, Alex Knowles wrote: > Hi all, > > I just joined the list. I've read through the mail-crypt plugin docs > here https://doc.dovecot.org/configuration_manual/mail_crypt_plugin/ > >

What it is way most best for causing bash script run (as root) of time mailbox created (lda_mailbox_autocreate)? I use dovecot 2.3.4.1 in Debian 10. And I use of mail-crypt-plugin https://doc.dovecot.org/configuration_manual/mail_crypt_plugin/ I setup mail-crypt for requiring user encrypted EC key (mail_crypt_require_encrypted_user_key = yes). I want for passphrase encrypt EC key using client

I have been using postfix+dovecot successfully for a while now until I tried mail crypt plugin lately. I tried what is describe here https://doc.dovecot.org/configuration_manual/mail_crypt_plugin/ and I went for global-keys as described here: https://doc.dovecot.org/configuration_manual/mail_crypt_plugin/#global-keys /"A good solution for environments where no user folder sharing is

Hi, I am using dovecot 2.3.16, along with postfix and a PostgreSQL database for managing virtual accounts. I'd like to start using the mail-crypt plugin. However, I'm having a bit some difficulty understanding the documentation at https://doc.dovecot.org/configuration_manual/mail_crypt_plugin to reach my goal. I plan to ask questions about those issues by starting new threads in this

> Technically creating and encrypting folder key does not > require decrypting user's private key. All folder keys > are encrypted with user's public key. Problem is for that this is a new user. The new user has no private key. I need for generating that private key. It do not the sense encrypts something using a key public if there is no private key. Both key public and private

> On 16/02/2023 07:18 EET mailinglist-subscriptions <mailinglist-subscriptions at protonmail.com> wrote: > > > Hi, > > I am using dovecot 2.3.16, along with postfix and a PostgreSQL database for managing virtual accounts. > > I'd like to start using the mail-crypt plugin. However, I'm having a bit some difficulty understanding the documentation at >

On Tuesday, February 21st, 2023 at 09:54, Aki Tuomi <aki.tuomi at open-xchange.com> wrote: > > On 16/02/2023 07:18 EET mailinglist-subscriptions mailinglist-subscriptions at protonmail.com wrote: > > > > Hi, > > > > I am using dovecot 2.3.16, along with postfix and a PostgreSQL database for managing virtual accounts. > > > > I'd like to

I would definitely get mail-crypt working on your system before worrying about encrypting existing emails. Iirc dovecot should support both types of files (encrypted, and non-encrypted) concurrently. So BEFORE you try anything, make sure via logs, etc that mail is being written to the fs as an encrypted file and that dovecot is able to decrypt it (i.e. you are able to view that particular

Hi again, I am using dovecot 2.3.16, along with postfix and a PostgreSQL database for managing virtual accounts. After an initial topic from me about encrypting already existent mail, I could now use some pointers on how to set up the mail-crypt plugin for pure virtual accounts (i.e. that have no matching system users and/or home directories. I hope somebody can clarify a few things that are not

<!doctype html> <html> <head> <meta charset="UTF-8"> </head> <body> <div> Technically creating and encrypting folder key does not require decrypting user's private key. All folder keys are encrypted with user's public key. </div> <div> <br> </div> <div> Aki </div>

<!doctype html> <html> <head> <meta charset="UTF-8"> </head> <body> <div> It's a known issue that the password will be set to silly value, most likely 'yes'. </div> <div> <br> </div> <div> You should generate the user key during provisioning with `doveadm cryptokey generate -Uu

An HTML attachment was scrubbed... URL: <https://dovecot.org/pipermail/dovecot/attachments/20230304/f769686e/attachment.htm>

An HTML attachment was scrubbed... URL: <https://dovecot.org/pipermail/dovecot/attachments/20230304/a3753b6e/attachment-0001.htm>

An HTML attachment was scrubbed... URL: <https://dovecot.org/pipermail/dovecot/attachments/20230305/f943341b/attachment-0001.htm>

Hi everyone, Was just perusing this article about how trivial it is to decrypt passwords that are stored using most (standard) encryption methods (like MD5), and was wondering - is it possible to use bcrypt with dovecot+postfix+mysql (or posgres)? -- Best regards, Charles

Do I have to replace the "password" part with the actual password or can I just copy it like that? Will dovecot create the keypair automatically or do I have to use doveadm? 4. Sep. 2019, 08:33 von aki.tuomi at open-xchange.com: > > > > On 4.9.2019 9.21, **** **** via dovecot wrote: > >> Hello there, >> >> is there a way to make the

On Fri, Apr 07, 2023 at 19:42:11 +0200, lejeczek wrote: > > > On 06/04/2023 16:12, Peter Krempa wrote: > > On Thu, Apr 06, 2023 at 15:22:10 +0200, lejeczek wrote: > > > Hi guys. > > > > > > Is there a solution, perhaps a function of libvirt, to backup guest's > > > storage and encrypt the resulting image file? > > > On-the-fly

On 06/04/2023 16:12, Peter Krempa wrote: > On Thu, Apr 06, 2023 at 15:22:10 +0200, lejeczek wrote: >> Hi guys. >> >> Is there a solution, perhaps a function of libvirt, to backup guest's >> storage and encrypt the resulting image file? >> On-the-fly ideally. >> If not ready/built-in solution then perhaps a best technique you >> recommend/use?

Anyone got any experience/suggestions for a way to store a directory of sensitive information on a CentOS box? This directory contains many scripts and output files, I need it backed up but not unencrypted and don't want to store it in a tar file type archive as when it needs to be accessed and have scripts executed/data generated, it needs to be untarred/unencrypted and I don't know the

Hi, As stated on the Dovecot documentation, at rest encryption is possible [1]. However, these keys are present on the system itself and are unprotected. Therefore, if a system is compromised, the attacker has access to the encrypted mail and the keys. There is no security benefit in that situation, except for hoping that the attacker doesn't understand that this is happening and how.