Mail-crypt plugin clarification

[rje]

I'm looking into ways to encrypt the stored email on my server. The idea is
to make it impossible for my hosting provider (who has access to my VPS) to
read the mail from the disk. 

So I'm looking into ways to do this, and I found the mail-crypt plugin for
dovecot. Unfortunately I find the documentation very hard to understand.
There is no clear description of what the goal and purpose of the plugin is,
or how it works. Most of the documentation is very short and provides no
explanation. So here are some questions - I will gladly help to update the
documentation when some of these questions are answered :) If you cannot
answer them all, please tell me what you know..

- It seems mail-cypt will transparently encrypt/decrypt mail - so it stores
it on the server in encrypted form, but dovecot serves it unencrypted over
IMAP. Is this correct?

- It seems that mail-crypt needs both a private and a public key to work. Is
this correct?

- If mail-crypt has both private and public key in its configuration, does
that not defeat the purpose of the whole thing? Anyone with access to the
disk will be able to read everything?

Regarding the settings:

mail_crypt_global_private_key(_n) - Private key to decrypt files, you can
specify many
mail_crypt_global_public_key - Public key to use to encrypt files, you can
specify one

- How does this work? What does mail-crypt do when multiple private keys are
specified?

mail_crypt_private_key - Private key to decrypt user's master key, can be
base64 encoded
mail_crypt_private_password - Password to decrypt user's master key or
environment private key

- What is the relation between a users master key, and the private/public
global keys above? What is an environment private key?

TIA, and as I said above, I will help with updating the docs!



--
Sent from: http://dovecot.2317879.n4.nabble.com/