Dovecot - mail_crypt - lmtp-server - no password to decrypt the key

Aki Tuomi aki.tuomi at open-xchange.com
Mon Jan 9 13:00:43 UTC 2023


> On 08/01/2023 18:55 EET Baljeet Bhinder <contact at baljeetbhinder.ca> wrote:
> 
> 
> I have been using postfix+dovecot successfully for a while now until I tried the mail crypt plugin lately. I tried what is described here https://doc.dovecot.org/configuration_manual/mail_crypt_plugin/ and I went for global-keys as described here: https://doc.dovecot.org/configuration_manual/mail_crypt_plugin/#global-keys
>  "A good solution for environments where no user folder sharing is needed is to generate per-user EC key pair and encrypt that with something derived from user’s password."
>  
>  I am setting mail_crypt_global_private_key, mail_crypt_global_public_key, mail_crypt_save_version from user_query and userdb_mail_crypt_global_private_key_password from password_query. mail_crypt seems to work fine in imap (I saved a message as a draft and it is stored encrypted on the disk), but lmtp complains about "mail_crypt_global_private_key_password unset, no password to decrypt the key". As you can see in the logs below, it was able to set all the other mail_crypt_ configurations successfully from user_query. However, the password is provided via password_query and I assume lmtp does not read password_query. How else can I provide a password in lmtp? Is my approach correct to begin with?

Hi!

The problem with user-password derivation is what you've run into. Some features, like quota or FTS, might need to access the user's mail without being able to access the password, because it's not available.

If you run into these, the only thing you can do is to not use conflicting features. Using the user's password as the encryption key is a very tricky thing to get working right.

> 
> Thanks
>  Baljeet Bhinder
>

Regards,
Aki
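Added illustration, not from the thread or from the Dovecot documentation: LMTP performs only a userdb lookup, so a key password that must be available at delivery time has to be returned by user_query rather than by password_query. The constructed dovecot-sql.conf.ext fragment below does that; the table and column names (users, mail_crypt_key_password, and so on) are assumptions, and the trade-off is that the password is now stored in the database instead of being derived from the login password, which is exactly the conflict described above.

```conf
# Constructed example: userdb lookup returns every mail_crypt setting.
# Userdb extra fields named after plugin settings override those settings,
# and both IMAP and LMTP perform this lookup, so LMTP can decrypt too.
# Assumed schema: users(username, password, home, uid, gid,
#                       mail_crypt_global_public_key,
#                       mail_crypt_global_private_key,
#                       mail_crypt_key_password)
user_query = \
  SELECT home, uid, gid, \
         mail_crypt_global_public_key, \
         mail_crypt_global_private_key, \
         '2' AS mail_crypt_save_version, \
         mail_crypt_key_password AS mail_crypt_global_private_key_password \
  FROM users WHERE username = '%u'

# passdb now only authenticates; the userdb_-prefixed extra field from the
# thread is dropped because LMTP never runs password_query.
password_query = \
  SELECT username AS user, password \
  FROM users WHERE username = '%u'
```

`doveadm user -u user@example.com` performs the same userdb lookup LMTP does, so its output is the quickest check that mail_crypt_global_private_key_password actually reaches delivery.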

