end-to-end encryption
Jochen Bern
jochen.bern at binect.de
Wed May 16 12:56:40 EEST 2018
On 05/16/2018 06:07 AM, Aki Tuomi wrote:
>> On 15 May 2018 at 22:43 Gandalf Corvotempesta <gandalf.corvotempesta at gmail.com> wrote:
>> Is possible to implement and end-to-end encryption with dovecot, where
>> server-side there is no private key to decrypt messages?
>
> You could probably automate this with sieve and e.g. GnuPG, which would mean
> that all your mails are encrypted without server having key to decrypt this.
Considering the keywords "dovecot" and "sieve", that would still not be
"end to end" and not even "MSA to MX"(-ish) but merely "encrypted
storage upon/after final delivery", wouldn't it ... ?
FWIW, for auto-encrypting someplace near the MSA, I've used the "GPGPit"
tool that's available on the web (and that I've made into an "SMIMEit"
myself). The nontrivial problem with that is to retrieve recipients'
pubkeys in an even remotely trustworthy manner, of course.
Regards,
--
Jochen Bern
Systemingenieur
www.binect.de
www.facebook.de/binect
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4278 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://dovecot.org/pipermail/dovecot/attachments/20180516/8658631d/attachment-0001.p7s>
More information about the dovecot
mailing list