I have a similar setup to you. Mail_crypt enabled, user-keys. Like Aki says, its best to use tar for this. I wrote a script a year or so back to incrementally backup my mailboxes. Curious what others think.

https://gitlab.com/ben.burk/burk.tech_personal/-/raw/master/maildirincbackup.sh


On 7/30/23 00:29, eaerhaerhaehae aehraerhaeha wrote:
Hello everyone,
 
1. I was wondering whether mail-crypt is intended to be supported in the long run.
 
2. Furthermore, I was wondering about the best way to backup a whole email server with mail-crypt enabled.
 
(3. how do i use dsync with mail-crypt?)
 
Below are my thoughts so far. 
 
- doveadm seems to work on each user individually, and it seems that the password is required for this? At least tachtler/dovecot-backup complains about missing the key and password to decrypt the mails, and so does "dsync -f -u a@bc.de backup maildir:bc.de/a"
 
- I was going to just tar /var/mail, but it appears that maildirlock is deprecated and broken, so I would have to shut down dovecot temporarily, in order to maintain file/index integrity, which is not ideal.
 
- Running it in some kind of virtualized environment to be able to take atomic snapshots might work, but I read that the "uuid list", or whatever, is only updated "lazily". Would a shutdown even solve that?
 
- I just saw that replication is going away. Maybe it would not have supported mail-crypt anyway.
 
Thanks for any input.

_______________________________________________
dovecot mailing list -- dovecot@dovecot.org
To unsubscribe send an email to dovecot-leave@dovecot.org