Hi!
Some replies:
- the problem with mail_crypt_global_public_key, there is a bug that we are fixing where file inputs under plugin { } section do not get aboard.
workaround 1: You can base64 encode the PEM key (yes, again), and put it in one line such as
plugin { mail_crypt_global_public_key = LS0tLS1C..... }
workaround 2: Return the key from userdb, you can use same format.
- The mail_attribute_dict thing requires that setting you discovered, but be advised that in this mode it will create a keypair for each user, and keypair per folder.
For security and performance reasons, we recommend using ECDSA keys instead of RSA keys.
Aki Tuomi Dovecot oy
On January 17, 2017 at 4:40 PM Evgeniy Korneechev ekorneechev@altlinux.org wrote:
mail_attribute_dict = file:%h/Maildir/dovecot-attributes > dovecot.conf
Apparently so?))
----- Исходное сообщение -----
От: "Evgeniy Korneechev" ekorneechev@altlinux.org Кому: "dovecot" dovecot@dovecot.org Отправленные: Вторник, 17 Январь 2017 г 17:32:38 Тема: Re: Plugin "mail_crypt" does not work
Hi, guys. Also, currently a problem (with http://wiki2.dovecot.org/Plugins/MailCrypt#EC_key):
# dovecot mailbox cryptokey generate -u name@example.com -UR doveadm(name@example.com): Error: mail_crypt_user_get_public_key(name@example.com) failed: mailbox_attribute_get(INBOX, /shared/vendor/vendor.dovecot/pvt/server/vendor/vendor.dovecot/pvt/crypt/active) failed: Mailbox attributes not enabled
Something is wrong in the settings? Or bug?
The same error in log when sending emails (with http://wiki2.dovecot.org/Plugins/MailCrypt#Base64_encoded_keys):
Error: sieve: msgid=57720a813eb7817c80ff67b21718ae42@example.com: failed to store into mailbox 'INBOX': get_public_key(INBOX) failed: mailbox_attribute_get(INBOX, /shared/vendor/vendor.dovecot/pvt/crypt/active) failed: Mailbox attributes not enabled
Any ideas?
----- Исходное сообщение -----
От: "Evgeniy Korneechev" ekorneechev@altlinux.org Кому: "dovecot" dovecot@dovecot.org Отправленные: Понедельник, 16 Январь 2017 г 18:17:44 Тема: Re: Plugin "mail_crypt" does not work
We tried these rights:
[root@mail44 dovecot]# ls -la итого 80 drwxr-xr-x 8 root root 4096 янв 13 13:17 . drwxr-xr-x 98 root root 12288 янв 11 11:47 .. drwxrwxrwx 2 root root 4096 янв 10 15:58 eckey drwxr-xr-x 2 root root 4096 янв 13 12:42 eckey2 drwxr-xr-x 2 vmail vmail 4096 янв 11 09:14 RSAkey
[root@mail44 dovecot]# cd eckey2 [root@mail44 eckey2]# ls -la итого 16 drwxr-xr-x 2 root root 4096 янв 13 12:42 . drwxr-xr-x 8 root root 4096 янв 13 13:17 .. -rw-r--r-- 1 root root 316 янв 13 12:41 ecprivkey.pem -rw-r--r-- 1 root root 232 янв 13 12:42 ecpubkey.pem
----- Исходное сообщение -----
От: "Aki Tuomi" aki.tuomi@dovecot.fi Кому: "dovecot" dovecot@dovecot.org Отправленные: Пятница, 13 Январь 2017 г 14:18:55 Тема: Re: Plugin "mail_crypt" does not work
On 13.01.2017 12:21, Evgeniy Korneechev wrote:
mail_crypt_global_public_key =
Is this world-wide readable file? Is LDA able to access this?
Aki
-- WBR, BaseALT/ALTLinux Team
-- WBR, BaseALT/ALTLinux Team
-- WBR, BaseALT/ALTLinux Team