Hi everyone, I am trying to configure Dovecot's mail_crypt plugin to support per-user encryption, with public and private keys stored in LDAP and retrieved via userdb.
My Goal:
- Each user has their own key pair (public/private) stored in LDAP.
- Incoming emails should be encrypted via LMTP using the user’s public key.
- Users should be able to read emails via IMAP/Webmail using their private key, which is password-protected (the user’s login password).
Current situation:
- Using global keys (same key for all users) works fine: LMTP encrypts emails and users can read them correctly.
- When trying to use per-user keys, I get encryption errors in IMAP, because Dovecot seems to require the private key even during LMTP, even though only the public key should be needed for encryption.
Typical error:
lmtp(…): Failed to initialize user: mail_crypt_plugin: main: crypt_private_key_password unset, no password to decrypt the key file
Example configuration (LDAP userdb):

  crypt_user_key_require_encrypted = yes

  userdb ldap {
    driver = ldap
    ldap_filter = (&(objectClass=MailClass)(mail=%{user}))
    result_internalfail = continue-ok
    fields {
      quota_storage_size = %{ldap:quota|default('5')}G
      mail_home = %{ldap:homeDirectory}
      # per-user key material read from LDAP and handed to mail_crypt as "global" keys
      crypt_global_public_key_file = inline:%{ldap:CryptoGlobalPubKey|default("")}
      crypt_global_private_key/main/crypt_private_key_file = inline:%{ldap:CryptoGlobalPrivKey|default('')}
      crypt_private_key_password = %{password}
    }
  }
Questions / help requested:
- Is it possible to configure mail_crypt so that LMTP can encrypt emails using only the user’s public key, without needing the private key?
- What is the correct way to use per-user keys with password-protected private keys?
- Are there any working examples of mail_crypt configurations using LDAP as the source for per-user keys?
I am fully aware that LMTP needs the private key of the user even if LMTP doesn't use it, but during the LMTP session the user's password is not available.
Version: 2.4.2-1 (0962ed2104)
Thanks in advance for any guidance!
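Added example (not part of the original post and not Dovecot's own tooling): a POSIX shell script that builds the per-user key material the post describes and checks the property the question hinges on. It generates an EC key pair with openssl, protects the private key under the user's login password, writes an LDIF change that stores both PEM blobs in the CryptoGlobalPubKey / CryptoGlobalPrivKey attributes the poster's userdb mapping reads, and then confirms that the public key loads with no password at all (what encryption needs) while the private key opens only with the login password (what decryption needs). The user name, password, DN and attribute names are assumptions taken from or modelled on the post; nothing here edits dovecot.conf or invokes mail_crypt.

```shell
#!/bin/sh
# Added example: per-user mail_crypt key material for LDAP-backed userdb.
# Assumptions: openssl and base64 are available; the LDAP schema has the
# attributes CryptoGlobalPubKey and CryptoGlobalPrivKey (names from the post);
# user, password and DN below are constructed sample values.
set -eu

WORKDIR=$(mktemp -d)
trap 'rm -rf "$WORKDIR"' EXIT

# make_user_keys USER PASSWORD
# Writes $WORKDIR/USER.pub.pem (unencrypted) and $WORKDIR/USER.priv.pem
# (PKCS#8, AES-256, passphrase = the user's login password).
make_user_keys() {
    user=$1
    password=$2
    # prime256v1 is one of the EC curves mail_crypt accepts for its keys.
    openssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:prime256v1 \
        -out "$WORKDIR/$user.plain.pem" 2>/dev/null
    # Public half: this is all an encrypting party (LMTP delivery) needs.
    openssl pkey -in "$WORKDIR/$user.plain.pem" -pubout \
        -out "$WORKDIR/$user.pub.pem"
    # Private half, wrapped under the login password for IMAP-time decryption.
    openssl pkey -in "$WORKDIR/$user.plain.pem" -aes256 \
        -passout "pass:$password" -out "$WORKDIR/$user.priv.pem"
    # Never leave the unencrypted private key around.
    rm -f "$WORKDIR/$user.plain.pem"
}

# private_key_opens USER PASSWORD -> exit 0 only if PASSWORD decrypts the key
private_key_opens() {
    openssl pkey -in "$WORKDIR/$1.priv.pem" -passin "pass:$2" -noout \
        >/dev/null 2>&1
}

# public_key_loads USER -> exit 0 if the public key parses with no password
public_key_loads() {
    openssl pkey -pubin -in "$WORKDIR/$1.pub.pem" -noout >/dev/null 2>&1
}

# ldif_for_user DN USER -> prints an LDIF "modify" storing both PEM blobs.
# The "::" form base64-encodes the value, which is how LDIF carries
# multi-line data such as PEM without mangling the line breaks.
ldif_for_user() {
    dn=$1
    user=$2
    pub=$(base64 "$WORKDIR/$user.pub.pem" | tr -d '\n')
    priv=$(base64 "$WORKDIR/$user.priv.pem" | tr -d '\n')
    printf 'dn: %s\nchangetype: modify\n' "$dn"
    printf 'replace: CryptoGlobalPubKey\nCryptoGlobalPubKey:: %s\n-\n' "$pub"
    printf 'replace: CryptoGlobalPrivKey\nCryptoGlobalPrivKey:: %s\n-\n' "$priv"
}

# Usage with constructed sample data (the password doubles as the key passphrase,
# mirroring crypt_private_key_password = %{password} in the post's userdb mapping).
make_user_keys alice 'correct horse battery staple'
public_key_loads alice && echo "alice: public key loads without a password"
private_key_opens alice 'correct horse battery staple' \
    && echo "alice: private key opens with the login password"
ldif_for_user 'mail=alice@example.test,ou=users,dc=example,dc=test' alice
```

The LDIF can be fed to ldapmodify against the directory; the two check functions are the practitioner's sanity test for the split the post is after: the public PEM alone is enough for the encrypting side, and the private PEM is useless to any process, LMTP included, that cannot supply the login password.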