[Dovecot v2.2.33.2]
I'm testing out mail_crypt on a fresh Dovecot install to get a feel for how it works, but I'm running into something unexpected.
The mail_crypt plugin does seem to be working, but NOT on incoming email. What I mean is, if I send a test email to the server that has Dovecot installed, the message correctly arrives in the user's Maildir folder (I'm using Maildir format, not mbox), as I can see the mail message file appear. However, the message file is in plaintext and is not encrypted. But, if, using my Thunderbird email client connected to that account via IMAP, I move that message out of the inbox of that account to a folder on another account, and then move it back in to the original inbox, the file that appears in the Maildir folder structure IS encrypted.
I have confirmed that mail_crypt is active in 10-mail.conf, 20-imap.conf, and 20-pop3.conf. The global public and private keys are working because (a) there are no errors and (b) it DOES encrypt -- just not on incoming email. mail_crypt_save_version is set 2, as per the docs for Dovecot 2 instruct.
What am I missing? Does anyone have any thoughts as to why JUST incoming messages aren't encrypted, but that messages moved into the IMAP account DO get encrypted? Did I set up something incorrectly? I'm using sendmail as the MTA, if that matters, and messages are routed to the user's Maildir folder structure using a .procmailrc in that user's home folder. -Dave