[Dovecot] Encryption Plugin
Hi,
There was a discussion a few months ago about a plugin for encrypting email before it hit the disk on the server, and doing transparent decryption while serving data to the client, see:
http://www.dovecot.org/list/dovecot/2009-July/041262.html
We have a client/user who is interested in such a plugin, and I was wondering if there has been any progress on it yet. In our particular case, server-side on-the-fly decryption would be acceptable. This service is useful in the case of a somewhat paranoid user who does not want the IT staff to have direct access to their email, without going through some major hoops (http://hushmail.com actually offers both server and client side decryption for these reasons).
The way I would imagine the plugin working is public-key encryption being done on the message as it was being delivered (plug in to dovecot's deliver). Then when a client connects, the private key is decrypted with the user's password and used to decrypt the messages on the fly. Depending on performance, it may be an idea to convert messages to use symmetric with rotating keys encrypted with the public key encryption.
If this were going to be done, I would think an IMAP protocol extension may be an idea so client-side encryption would be an option as well, so there would be end-to-end security.
On Thu, 2009-10-01 at 11:49 -0400, Patrick McLean wrote:
There was a discussion a few months ago about a plugin for encrypting email before it hit the disk on the server, and doing transparent decryption while serving data to the client, see:
http://www.dovecot.org/list/dovecot/2009-July/041262.html
We have a client/user who is interested in such a plugin, and I was wondering if there has been any progress on it yet.
Not from my side, no idea if someone else has done anything. My comments about zlib compression also apply to encryption: http://www.dovecot.org/list/dovecot/2009-June/040181.html
The way I would imagine the plugin working is public-key encryption being done on the message as it was being delivered (plug in to dovecot's deliver). Then when a client connects, the private key is decrypted with the user's password and used to decrypt the messages on the fly. Depending on performance, it may be an idea to convert messages to use symmetric with rotating keys encrypted with the public key encryption.
Easiest way to get started would be to just execute gpg or maybe libgpgme.
If this were going to be done, I would think an IMAP protocol extension may be an idea so client-side encryption would be an option as well, so there would be end-to-end security.
Maybe the messages could be just encrypted using regular pgp or S/MIME encryption so clients that support those already could open them. Although that wouldn't keep the message headers encrypted.
participants (2)
-
Patrick McLean
-
Timo Sirainen