To anyone sifting through this mailing list in the future, I was able to accomplish manual encryption by moving mail or folders. This can be done in the client or through doveadm move.
On 7/14/21 11:00 AM, Aki Tuomi wrote:
On 14/07/2021 18:31 Ben Burk <ben@burk.tech> wrote:
One more question and I think I should be ok. I just need to encrypt unencrypted mails after having originally enabled mail_crypt.
I've determined how to decrypt encrypted mails from command line using the private key for the mail folder, like so:
sudo -u vmail doveadm -o plugin/mail_crypt_private_password="${pass}" mailbox cryptokey export -u user test | awk '/BEGIN PRIVATE KEY/,/END PRIVATE KEY/' | sudo -u vmail tee /tmp/doveadm_HfztmQ-6192-3032
/dev/null 2>&1
sudo -u vmail doveadm fs get crypt private_key_path=/tmp/doveadm_HfztmQ-6192-3032:posix:prefix=/var/mail/domain/user/Maildir/test/cur/ 1626274985.M269696P3026.smtp\,S\=11765\,W\=12153\:2\,S
However, I'm still not sure how I'm supposed to export the public key to do the encryption operation on unencrypted mail. The only keys that I've been able to export for this folder-key system are the private keys per folder and the private keys for the user:
sudo -u vmail doveadm -o plugin/mail_crypt_private_password="${pass}" mailbox cryptokey export -u user test
sudo -u vmail doveadm -o plugin/mail_crypt_private_password="${pass}" mailbox cryptokey export -u user -U
I've tried with
On 7/12/21 1:25 AM, Aki Tuomi wrote:
Try
sudo -u vmail doveadm -o plugin/mail_crypt_private_password="${pass}" mailbox cryptokey export -u user '*'
(note the '*')
Aki
-- Ben Burk BURK.TECH System Administrator
Ben Burk BURK.TECH System Administrator I don't think you can realistically encrypt those emails by hand. I mean with maildir it's "doable", but will require doing it with some external script. Maybe use
doveadm import
to import them from somewhere?Aki
-- Ben Burk BURK.TECH System Administrator