Questions around mailcrypt and LDAP
Andre Rodier
andre at rodier.me
Thu Nov 10 19:39:21 UTC 2022
Hello, all.
I carefully read the messages about mailcrypt on the mailing list,
especially this response from Aki:
> It's best suited for securing external storage such as NFS or object storage.
> There are possibilities to encrypt the key using user's password, but this
> takes careful planning. The keys can also come from userdb, e.g. LDAP.
I am able to extend the LDAP schema of my OpenLDAP server to store a key
in an LDAP attribute for each user.
In this case, would it be enough for Dovecot to encrypt the messages
when they arrive?
Maybe I misunderstand the documentation. Even when using user keys
protected by a password, the Dovecot LMTP process should be able to
encrypt the emails with the user's public key, without a password, no?
Ideally, I would like to store users' emails encrypted, so each user
cannot access other users' emails. I don't need folder sharing.
Thanks for your advice.
Kind regards,
André Rodier