Hi,
I tried to enable encrypted folder keys using mail-crypt-plugin. It works as expected when using unencrypted folder keys. When I add
mail_crypt_require_encrypted_user_key = yes
as shown below, I somehow manage to crash dovecot:
dovecot: lmtp(82060): Fatal: master: service(lmtp): child 82060 killed with signal 6 (core not dumped - https://dovecot.org/bugreport.html#coredumps - set service lmtp { drop_priv_before_exec=yes })
dovecot: lmtp(67814): Panic: file mail-user.c: line 229 (mail_user_deinit): assertion failed: ((*user)->refcount== 1)
lmtp(root): Info: msgid=07e3a23b2aaea60b@mx.2718282.net: save failed to INBOX: generate_keypair(INBOX) failed: mail_crypt_require_encrypted_user_key set, cannot generate user keypair without password or key
My config files:
# 2.3.14 (cee3cbc0d): /etc/mail/imap.conf # OS: OpenBSD 6.9 amd64 auth_verbose = yes debug_log_path = /var/log/dovecot info_log_path = /var/log/dovecot mail_attribute_dict = file:%h/Maildir/dovecot-attributes mail_debug = yes namespace inbox { ... } passdb { args = /etc/mail/imap-sqlite.conf driver = sql } plugin { mail_crypt_curve = secp521r1 mail_crypt_require_encrypted_user_key = yes mail_crypt_save_version = 2 } protocols = imap lmtp service imap-login { ... } ssl = required ssl_cert =
# file: /etc/mail/imap-sqlite.conf
driver = sqlite
connect = /etc/mail/sqlite.db
default_pass_scheme = BLF-CRYPT
user_query = SELECT '/home/vmail/'||destination AS home FROM virtuals WHERE email = '%u'
password_query = SELECT email as user, password, '%w' AS
userdb_mail_crypt_private_password FROM credentials WHERE email = '%u'