Plugin "mail_crypt" - using folder keys
Hi, i have two questions about using "folder keys" for encryption:
If i use this method how can i decrypt files manually?
If move a letter to another folder (or remove it), it will be unreadable. Log: imap(cloud): Error: read() failed: read(/home/cloud/Maildir/.Sent.test/cur/1485528498.M838579P2267....) failed: Decryption error: no private key available (uid=5, box=Sent.test, read reason=) imap(cloud): Info: Internal error occurred. Refer to server log for more information.
or: imap(cloud): Error: read() failed: read(/home/cloud/Maildir/.Trash/cur/1485528906.M150750P3081....) failed: Decryption error: no private key available
How fix it?
Thank you in advance.
# 2.2.27 (c0f36b0): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.16 (fed8554) # OS: Linux 4.4.39-std-def-alt0.M80P.1 x86_64 ALT 8.1 Server ..... mail_attribute_dict = file:%h/Maildir/dovecot-attributes
mail_plugins = $mail_plugins mail_crypt
plugin { mail_crypt_curve = secp521r1 mail_crypt_save_version = 2 } .....
-- WBR, BaseALT/ALTLinux Team
Hi Evgeniy!
On 27.01.2017 16:58, Evgeniy Korneechev wrote:
Hi, i have two questions about using "folder keys" for encryption:
- If i use this method how can i decrypt files manually?
You have to export the private key from mailbox attributes, see doveadm mailbox cryptokey export.
- If move a letter to another folder (or remove it), it will be unreadable. Log: imap(cloud): Error: read() failed: read(/home/cloud/Maildir/.Sent.test/cur/1485528498.M838579P2267....) failed: Decryption error: no private key available (uid=5, box=Sent.test, read reason=) imap(cloud): Info: Internal error occurred. Refer to server log for more information.
or: imap(cloud): Error: read() failed: read(/home/cloud/Maildir/.Trash/cur/1485528906.M150750P3081....) failed: Decryption error: no private key available
How fix it?
Thank you in advance. This seems to be a bug, and we are looking into it.
Aki
On 30.01.2017 09:15, Aki Tuomi wrote:
Hi Evgeniy!
On 27.01.2017 16:58, Evgeniy Korneechev wrote:
Hi, i have two questions about using "folder keys" for encryption:
- If i use this method how can i decrypt files manually? You have to export the private key from mailbox attributes, see doveadm mailbox cryptokey export.
I noticed that this is probably bit too short answer, but for longer answer I'll write up information under
https://wiki.dovecot.org/Design/Dcrypt
soon.
Aki
Hi!
- If move a letter to another folder (or remove it), it will be unreadable. Log: imap(cloud): Error: read() failed: read(/home/cloud/Maildir/.Sent.test/cur/1485528498.M838579P2267....) failed: Decryption error: no private key available (uid=5, box=Sent.test, read reason=) imap(cloud): Info: Internal error occurred. Refer to server log for more information.
or: imap(cloud): Error: read() failed: read(/home/cloud/Maildir/.Trash/cur/1485528906.M150750P3081....) failed: Decryption error: no private key available
How fix it?
Thank you in advance.
This seems to be a bug, and we are looking into it.
Is the bug fixed in the new version (2.2.28)?
-- WBR, Korneechev Evgeniy BaseALT/ALTLinux Team
On 21.03.2017 08:00, Evgeniy Korneechev wrote:
Hi!
- If move a letter to another folder (or remove it), it will be unreadable. Log: imap(cloud): Error: read() failed: read(/home/cloud/Maildir/.Sent.test/cur/1485528498.M838579P2267....) failed: Decryption error: no private key available (uid=5, box=Sent.test, read reason=) imap(cloud): Info: Internal error occurred. Refer to server log for more information.
or: imap(cloud): Error: read() failed: read(/home/cloud/Maildir/.Trash/cur/1485528906.M150750P3081....) failed: Decryption error: no private key available
How fix it?
Thank you in advance. This seems to be a bug, and we are looking into it. Is the bug fixed in the new version (2.2.28)?
Unfortunately we are not able to provide a fix until 2.2.29, but it's scheduled for next month. I could provide you with a patch you can try if you want, once it's there.
Aki
On 2017-03-21 09:04, Aki Tuomi wrote:
On 21.03.2017 08:00, Evgeniy Korneechev wrote:
Hi!
- If move a letter to another folder (or remove it), it will be unreadable. Log: imap(cloud): Error: read() failed: read(/home/cloud/Maildir/.Sent.test/cur/1485528498.M838579P2267....) failed: Decryption error: no private key available (uid=5, box=Sent.test, read reason=) imap(cloud): Info: Internal error occurred. Refer to server log for more information.
or: imap(cloud): Error: read() failed: read(/home/cloud/Maildir/.Trash/cur/1485528906.M150750P3081....) failed: Decryption error: no private key available
How fix it?
Thank you in advance. This seems to be a bug, and we are looking into it. Is the bug fixed in the new version (2.2.28)?
Unfortunately we are not able to provide a fix until 2.2.29, but it's scheduled for next month. I could provide you with a patch you can try if you want, once it's there.
Aki
Apologies for taking so long, we have now have a fix for this. Once it's been committed to master, are you by chance willing to try it out?
Aki
On 04.05.2017 20:02, Aki Tuomi wrote:
On 2017-03-21 09:04, Aki Tuomi wrote:
On 21.03.2017 08:00, Evgeniy Korneechev wrote:
Hi!
- If move a letter to another folder (or remove it), it will be unreadable. Log: imap(cloud): Error: read() failed: read(/home/cloud/Maildir/.Sent.test/cur/1485528498.M838579P2267....) failed: Decryption error: no private key available (uid=5, box=Sent.test, read reason=) imap(cloud): Info: Internal error occurred. Refer to server log for more information.
or: imap(cloud): Error: read() failed: read(/home/cloud/Maildir/.Trash/cur/1485528906.M150750P3081....) failed: Decryption error: no private key available
How fix it?
Thank you in advance. This seems to be a bug, and we are looking into it. Is the bug fixed in the new version (2.2.28)?
Unfortunately we are not able to provide a fix until 2.2.29, but it's scheduled for next month. I could provide you with a patch you can try if you want, once it's there.
Aki
Apologies for taking so long, we have now have a fix for this. Once it's been committed to master, are you by chance willing to try it out?
Aki
On 15.05.2017 09:46, Aki Tuomi wrote:
On 04.05.2017 20:02, Aki Tuomi wrote:
On 2017-03-21 09:04, Aki Tuomi wrote:
On 21.03.2017 08:00, Evgeniy Korneechev wrote:
Hi!
- If move a letter to another folder (or remove it), it will be unreadable. Log: imap(cloud): Error: read() failed: read(/home/cloud/Maildir/.Sent.test/cur/1485528498.M838579P2267....) failed: Decryption error: no private key available (uid=5, box=Sent.test, read reason=) imap(cloud): Info: Internal error occurred. Refer to server log for more information.
or: imap(cloud): Error: read() failed: read(/home/cloud/Maildir/.Trash/cur/1485528906.M150750P3081....) failed: Decryption error: no private key available
How fix it?
Thank you in advance. This seems to be a bug, and we are looking into it. Is the bug fixed in the new version (2.2.28)?
Unfortunately we are not able to provide a fix until 2.2.29, but it's scheduled for next month. I could provide you with a patch you can try if you want, once it's there.
Aki Apologies for taking so long, we have now have a fix for this. Once it's been committed to master, are you by chance willing to try it out?
Aki
Sorry for empty email, my MUA acted up.
Anyways...
If you have time, please test https://github.com/dovecot/core/commit/9850d535fb72a898f469e8787d07f42934296...
Aki
Hello Aki,
I actually faced the very same problem (testing 2.2.29.1 on a prestage server)/
I downloaded the new version of this file (only) and now things look definitively better:
Stage:
Debian Jessie, dovecot 2.2.29.1, keys in sql DB, client thunderbird
Process:
receive a mail into inbox in crypted format
read it ok
create a new folder
move the message in the newly created folder
read it from thunderbird ok
When I have a bit more time, I will check if everything goes ok with sieve's "fileinto :create" :)
Cheers
On 05/15/2017 08:47 AM, Aki Tuomi wrote:
On 15.05.2017 09:46, Aki Tuomi wrote:
On 04.05.2017 20:02, Aki Tuomi wrote:
On 2017-03-21 09:04, Aki Tuomi wrote:
On 21.03.2017 08:00, Evgeniy Korneechev wrote:
Hi!
> 2. If move a letter to another folder (or remove it), it will be > unreadable. > Log: > imap(cloud): Error: read() failed: > read(/home/cloud/Maildir/.Sent.test/cur/1485528498.M838579P2267....) > failed: > Decryption error: no private key available (uid=5, box=Sent.test, > read reason=) > imap(cloud): Info: Internal error occurred. Refer to server log > for more > information. > > or: > imap(cloud): Error: read() failed: > read(/home/cloud/Maildir/.Trash/cur/1485528906.M150750P3081....) > failed: > Decryption error: no private key available > > How fix it? > > Thank you in advance. This seems to be a bug, and we are looking into it. Is the bug fixed in the new version (2.2.28)?
Unfortunately we are not able to provide a fix until 2.2.29, but it's scheduled for next month. I could provide you with a patch you can try if you want, once it's there.
Aki Apologies for taking so long, we have now have a fix for this. Once it's been committed to master, are you by chance willing to try it out?
Aki Sorry for empty email, my MUA acted up.
Anyways...
If you have time, please test https://github.com/dovecot/core/commit/9850d535fb72a898f469e8787d07f42934296...
Aki
Hello again Aki,
Just a simple confirmation: using sieve's "fileinto :create" seems to work properly also, using your temporary fix.
Cheers
On 05/15/2017 08:47 AM, Aki Tuomi wrote:
On 15.05.2017 09:46, Aki Tuomi wrote:
On 04.05.2017 20:02, Aki Tuomi wrote:
On 2017-03-21 09:04, Aki Tuomi wrote:
On 21.03.2017 08:00, Evgeniy Korneechev wrote:
Hi!
> 2. If move a letter to another folder (or remove it), it will be > unreadable. > Log: > imap(cloud): Error: read() failed: > read(/home/cloud/Maildir/.Sent.test/cur/1485528498.M838579P2267....) > failed: > Decryption error: no private key available (uid=5, box=Sent.test, > read reason=) > imap(cloud): Info: Internal error occurred. Refer to server log > for more > information. > > or: > imap(cloud): Error: read() failed: > read(/home/cloud/Maildir/.Trash/cur/1485528906.M150750P3081....) > failed: > Decryption error: no private key available > > How fix it? > > Thank you in advance. This seems to be a bug, and we are looking into it. Is the bug fixed in the new version (2.2.28)?
Unfortunately we are not able to provide a fix until 2.2.29, but it's scheduled for next month. I could provide you with a patch you can try if you want, once it's there.
Aki Apologies for taking so long, we have now have a fix for this. Once it's been committed to master, are you by chance willing to try it out?
Aki Sorry for empty email, my MUA acted up.
Anyways...
If you have time, please test https://github.com/dovecot/core/commit/9850d535fb72a898f469e8787d07f42934296...
Aki
Thank you for your report!
Aki
On 26.05.2017 00:53, dovecot@avv.solutions wrote:
Hello again Aki,
Just a simple confirmation: using sieve's "fileinto :create" seems to work properly also, using your temporary fix.
Cheers
On 05/15/2017 08:47 AM, Aki Tuomi wrote:
On 15.05.2017 09:46, Aki Tuomi wrote:
On 04.05.2017 20:02, Aki Tuomi wrote:
On 2017-03-21 09:04, Aki Tuomi wrote:
On 21.03.2017 08:00, Evgeniy Korneechev wrote:
Hi!
>> 2. If move a letter to another folder (or remove it), it will be >> unreadable. >> Log: >> imap(cloud): Error: read() failed: >> read(/home/cloud/Maildir/.Sent.test/cur/1485528498.M838579P2267....) >> failed: >> Decryption error: no private key available (uid=5, box=Sent.test, >> read reason=) >> imap(cloud): Info: Internal error occurred. Refer to server log >> for more >> information. >> >> or: >> imap(cloud): Error: read() failed: >> read(/home/cloud/Maildir/.Trash/cur/1485528906.M150750P3081....) >> failed: >> Decryption error: no private key available >> >> How fix it? >> >> Thank you in advance. > This seems to be a bug, and we are looking into it. Is the bug fixed in the new version (2.2.28)?
Unfortunately we are not able to provide a fix until 2.2.29, but it's scheduled for next month. I could provide you with a patch you can try if you want, once it's there.
Aki Apologies for taking so long, we have now have a fix for this. Once it's been committed to master, are you by chance willing to try it out?
Aki Sorry for empty email, my MUA acted up.
Anyways...
If you have time, please test https://github.com/dovecot/core/commit/9850d535fb72a898f469e8787d07f42934296...
Aki
participants (3)
-
Aki Tuomi
-
dovecot@avv.solutions
-
Evgeniy Korneechev