[Dovecot] Accessing plain text password from memory

Stanislas SABATIER s.sabatier at pobox.com
Fri Dec 13 19:25:32 EET 2013


2013/12/13 Rick Romero <rick at havokmon.com>

>
> ​(…)
>
> IMHO, your time is better spent creating a PGP plugin that uses public
> keys to encrypt the email contents.
> Rick
>
>
>
> ​That's exactly what I'm doing. Inbound mails are all encrypted with each
client's public key.

Then, clients can either decrypt mails on their own personal computer, or
have their mails decrypted on-the-fly server side.
In the later case, I store an encrypted private key for each client. To
open the private key, I need client's password.

Stan


More information about the dovecot mailing list