Hi there,
is there a possibility to combine public mailboxes (as described in the first link below) with mailcrypt plugin using per-user keys (as described in the second link below)?
I assume, no. But if there's a solution like, for example, storing the decryption key multiple times with different password protection, or by using a global key for the public mailbox only, let me know...
I know that I could simply turn off encryption for the public mailbox, and I know how to do that. That's the fllback solution... ;)
Regards,
Robert
(1) https://doc.dovecot.org/configuration_manual/shared_mailboxes/public_shared/...
(2) https://doc.dovecot.org/configuration_manual/mail_crypt_plugin/
-- Robert Senger
On 09/07/2023 18:24 EEST Robert Senger <rs-dovecot@lists.microscopium.de> wrote:
Hi there,
is there a possibility to combine public mailboxes (as described in the first link below) with mailcrypt plugin using per-user keys (as described in the second link below)?
I assume, no. But if there's a solution like, for example, storing the decryption key multiple times with different password protection, or by using a global key for the public mailbox only, let me know...
I know that I could simply turn off encryption for the public mailbox, and I know how to do that. That's the fllback solution... ;)
Regards,
Robert
(1) https://doc.dovecot.org/configuration_manual/shared_mailboxes/public_shared/...
(2) https://doc.dovecot.org/configuration_manual/mail_crypt_plugin/
-- Robert Senger
Technically you could return a keypair for the public user from userdb, when the public user is being looked up. mail_crypt_global_public/private_key takes precedence over generated keys.
Aki
Am Montag, dem 10.07.2023 um 07:52 +0300 schrieb Aki Tuomi:
Technically you could return a keypair for the public user from userdb, when the public user is being looked up. mail_crypt_global_public/private_key takes precedence over generated keys.
Aki
Thanks. Tried that, and indeed with such a setup it is possible to have a global key for some accounts and folder keys for others.
But it does not work with public or shared mailboxes. A quick look at the source code revealed that mail-crypt plugin will not work with public mailboxes, but should work with shared mailboxes, even with encrypted folder keys. But this feature seem not to be documented very well...
I think I'll open another thread with appropriate subject to about this.
Regards,
Robert
-- Robert Senger
Am Montag, dem 10.07.2023 um 07:52 +0300 schrieb Aki Tuomi via dovecot:
Technically you could return a keypair for the public user from userdb, when the public user is being looked up. mail_crypt_global_public/private_key takes precedence over generated keys.
Aki
Thanks. Tried that, and indeed with such a setup it is possible to have a global key for some accounts and folder keys for others.
But it does not work with public or shared mailboxes. A quick look at the source code revealed that mail-crypt plugin will not work with public mailboxes, but should work with shared mailboxes, even with encrypted folder keys. But this feature seem not to be documented very well...
I think I'll open another thread with appropriate subject to about this.
Regards,
Robert
-- Robert Senger
participants (3)
-
Aki Tuomi
-
Robert Senger
-
Robert Senger