Hello, all.
I read carefully the messages about mailcrypt on the mailing list, especially this response from Aki:
It's best suited for securing external storage such as NFS or object storage. There are possibilities to encrypt the key using user's password, but this takes careful planning. The keys can also come from userdb , e.g. LDAP.
I am able to extend the LDAP schema of my OpenLDAP server to store a key into LDAP attribute for each user.
In this case, would it be enough for Dovecot to encrypt the messages when they arrive ?
Maybe I misunderstand the documentation. Even when using user keys protected by a password, the Dovecot LMTP process should be able to encrypt the emails with user’s public key, without a password, no ?
Ideally, I would like to store user's emails encrypted, so each users cannot access other user's emails. I don't need folder sharing.
Thanks for your advice.
Kind regards, André Rodier