Issue with dovecot v2.3.4.1 and mail_crypt plugin. Email received, but not encrypted on disk until moved out of root Maildir folder. IMAP child crashes when mail is read from folder message was moved to.

22 May 2021


      Recently I attempted enabling the mail_crypt plugin on a per user basis
as summarized below:
uname -a
Linux smtp 4.19.0-16-amd64 #1 SMP Debian 4.19.181-1 (2021-03-19) x86_64
GNU/Linux
dovecot --version
2.3.4.1 (f79e8e7e4)
$ cat /etc/dovecot/conf.d/10-mailcrypt.conf
mail_attribute_dict = file:%h/Maildir/dovecot-attributes
mail_plugins = $mail_plugins mail_crypt
plugin {
mail_crypt_curve = secp521r1
mail_crypt_save_version = 2
mail_crypt_require_encrypted_user_key = yes
}
cat dovecot-sql.conf.ext
driver = mysql
connect = host=127.0.0.1 dbname=VVVVV user=WWWWWW password=XXXXXX
user_query = SELECT user, 

concat('*:bytes=', quota) AS quota_rule, 

'/mail/%d/%n' AS home, 

uid, gid 

FROM virtual_users WHERE user='%u';
password_query = SELECT user, password, crypt as
userdb_mail_crypt_save_version, '%w' AS
userdb_mail_crypt_private_password FROM virtual_users WHERE user='%u';
dovecot -n
# 2.3.4.1 (f79e8e7e4): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.4 ()
# OS: Linux 4.19.0-16-amd64 x86_64 Debian 10.9
# Hostname: smtp.burk.tech
auth_verbose = yes
mail_attribute_dict = file:%h/Maildir/dovecot-attributes
mail_location = maildir:~/Maildir:LAYOUT=fs
mail_plugins = quota mail_crypt
mail_privileged_group = mail
namespace inbox {
inbox = yes
location =
mailbox Drafts {
auto = subscribe
special_use = \Drafts
}
mailbox Junk {
auto = subscribe
special_use = \Junk
}
mailbox Sent {
auto = subscribe
special_use = \Sent
}
mailbox Trash {
auto = subscribe
special_use = \Trash
}
prefix =
type = private
}
passdb {
driver = pam
}
plugin {
mail_crypt_curve = secp521r1
mail_crypt_require_encrypted_user_key = # hidden, use -P to show it
mail_crypt_save_version = 2
}
protocols = imap
service auth {
unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0660
user = postfix
}
unix_listener auth-userdb {
mode = 0777
}
}
service lmtp {
unix_listener /var/spool/postfix/private/dovecot-lmtp {
group = postfix
mode = 0600
user = postfix
}
}
ssl = required
ssl_cert = 
The issue I've noticed occurs when the following settings above are
enabled and mail is received into the root of the Maildir fs, then mail
is moved to another folder (including a file being deleted). Upon a
client's retrieval of messages from the folder where mail was moved to,
the log spits out the following:
May 22 19:18:15 smtp dovecot: imap-login: Login: user=<ben>,
method=PLAIN, rip=XXX.XXX.XXX.XXX, lip=YYY.YYY.YYY.YYY, mpid=31682, TLS,
session=<7oASZPPCkN9EdIVp>
May 22 19:18:15 smtp dovecot: imap(ben)<31682><7oASZPPCkN9EdIVp>: Error:
Mailbox Trash: Saving mail: save: read() failed:
read(/mail/burk.tech/ben/Maildir/Receipts/cur/1621724316.M515979P30417.smtp,S=2903,W=2964:2,S)
failed: Private key not available: Cannot decrypt key
f9e7a6b9dd24535a29915fb46336047b07ae5b9fea5eda8e03cf9a8fa009f88b: Cannot
decrypt key
876c6bfbc355a86c3c924a5841bb2e5c6e1b0c5496d5116c4fcb9c511f803c87:
Password not available
May 22 19:18:15 smtp dovecot: imap(ben)<31682><7oASZPPCkN9EdIVp>: Error:
Mailbox Trash: copy: i_stream_read() failed:
read(/mail/burk.tech/ben/Maildir/Receipts/cur/1621724316.M515979P30417.smtp,S=2903,W=2964:2,S)
failed: Private key not available: Cannot decrypt key
f9e7a6b9dd24535a29915fb46336047b07ae5b9fea5eda8e03cf9a8fa009f88b: Cannot
decrypt key
876c6bfbc355a86c3c924a5841bb2e5c6e1b0c5496d5116c4fcb9c511f803c87:
Password not available
May 22 19:18:15 smtp dovecot: imap(ben)<31682><7oASZPPCkN9EdIVp>: Error:
Mailbox Trash: Saving mail: read() failed:
read(/mail/burk.tech/ben/Maildir/Receipts/cur/1621724316.M515979P30417.smtp,S=2903,W=2964:2,S)
failed: Private key not available: Cannot decrypt key
f9e7a6b9dd24535a29915fb46336047b07ae5b9fea5eda8e03cf9a8fa009f88b: Cannot
decrypt key
876c6bfbc355a86c3c924a5841bb2e5c6e1b0c5496d5116c4fcb9c511f803c87:
Password not available (read reason=)
May 22 19:18:15 smtp dovecot: imap(ben)<31682><7oASZPPCkN9EdIVp>: Panic:
file ostream-encrypt.c: line 631 (o_stream_encrypt_close): assertion
failed: (estream->finalized || estream->ctx_sym == NULL ||
estream->ostream.ostream.stream_errno != 0)
May 22 19:18:15 smtp dovecot: imap(ben)<31682><7oASZPPCkN9EdIVp>: Error:
Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0xdb73b)
[0x7fdb3ce7273b] -> /usr/lib/dovecot/libdovecot.so.0(+0xdb7d1)
[0x7fdb3ce727d1] -> /usr/lib/dovecot/libdovecot.so.0(+0x4a199)
[0x7fdb3cde1199] -> /usr/lib/dovecot/libdovecot.so.0(+0x49276)
[0x7fdb3cde0276] -> /usr/lib/dovecot/libdovecot.so.0(+0xffd5e)
[0x7fdb3ce96d5e] ->
/usr/lib/dovecot/libdovecot.so.0(o_stream_destroy+0x16) [0x7fdb3ce96d86]
-> /usr/lib/dovecot/libdovecot-storage.so.0(maildir_save_finish+0x18d)
[0x7fdb3cfa946d] ->
/usr/lib/dovecot/libdovecot-storage.so.0(mailbox_save_cancel+0x4d)
[0x7fdb3cf8167d] ->
/usr/lib/dovecot/libdovecot-storage.so.0(mail_storage_copy+0x122)
[0x7fdb3cf73f22] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x5badc)
[0x7fdb3cf81adc] ->
/usr/lib/dovecot/libdovecot-storage.so.0(mailbox_move+0x31)
[0x7fdb3cf81c11] -> dovecot/imap(+0x128f5) [0x563bd267a8f5] ->
dovecot/imap(command_exec+0x70) [0x563bd2687dc0] ->
dovecot/imap(+0x1e3f2) [0x563bd26863f2] -> dovecot/imap(+0x1e494)
[0x563bd2686494] -> dovecot/imap(client_handle_input+0x1b5)
[0x563bd2686845] -> dovecot/imap(client_input+0x7e) [0x563bd2686d6e] ->
/usr/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x6f) [0x7fdb3ce88bef]
-> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run_internal+0x136)
[0x7fdb3ce8a1e6] ->
/usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0x4c)
[0x7fdb3ce88c8c] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x40)
[0x7fdb3ce88df0] ->
/usr/lib/dovecot/libdovecot.so.0(master_service_run+0x13)
[0x7fdb3ce09123] -> dovecot/imap(main+0x325) [0x563bd2678bf5] ->
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xeb) [0x7fdb3cbf209b]
-> dovecot/imap(_start+0x2a) [0x563bd2678d8a]
May 22 19:18:15 smtp dovecot: imap-login: Debug: SSL alert: close notify
May 22 19:18:15 smtp dovecot: imap(ben)<31682><7oASZPPCkN9EdIVp>: Fatal:
master: service(imap): child 31682 killed with signal 6 (core dumps
disabled - https://dovecot.org/bugreport.html#coredumps)
My keys for the user are as follows:
ben@smtp.burk.tech :~$ doveadm mailbox cryptokey list -U
doveadm(ben): Error: net_connect_unix(/var/run/dovecot/stats-writer)
failed: Permission denied
Folder Active Public ID
yes 876c6bfbc355a86c3c924a5841bb2e5c6e1b0c5496d5116c4fcb9c511f803c87
I've checked and it appears that the mail as its received into the root
of Maildir is not initially encrypted. It is stored plaintext. However,
when the mail is moved, it is then properly encrypted.
ben@smtp.burk.tech :~/Maildir/cur$ file 1621726534.31820_1.smtp\:2\,
1621726534.31820_1.smtp:2,: SMTP mail, ASCII text
ben@smtp.burk.tech :~/Maildir/Receipts/cur$ file
1621726595.M343917P30832.smtp\,S\=2927\,W\=2988\:2\,S
1621726595.M343917P30832.smtp,S=2927,W=2988:2,S: MailCrypt
--
Ben Burk
BURK.TECH System Administrator