[Dovecot] Accessing plain text password from memory

Rick Romero rick at havokmon.com
Fri Dec 13 19:33:36 EET 2013


Quoting Stanislas SABATIER <s.sabatier at pobox.com>:

> 2013/12/13 Rick Romero <rick at havokmon.com>
>
>>
>> ​(…)
>>
>> IMHO, your time is better spent creating a PGP plugin that uses public
>> keys to encrypt the email contents.
>> Rick
>>
>>
>>
>> ​That's exactly what I'm doing. Inbound mails are all encrypted with each
> client's public key.
>
> Then, clients can either decrypt mails on their own personal computer, or
> have their mails decrypted on-the-fly server side.
> In the later case, I store an encrypted private key for each client. To
> open the private key, I need client's password.
>
> Stan

Oh!  I feel so much better now :)

Rick



More information about the dovecot mailing list