mail_crypt not working on incoming messages?

[Aki Tuomi]

> On 22 March 2019 19:36 Dave via dovecot <dovecot at dovecot.org> wrote:
> 
>  
> [Dovecot v2.2.33.2]
> 
> I'm testing out mail_crypt on a fresh Dovecot install to get a feel for 
> how it works, but I'm running into something unexpected.
> 
> The mail_crypt plugin does seem to be working, but NOT on incoming 
> email.  What I mean is, if I send a test email to the server that has 
> Dovecot installed, the message correctly arrives in the user's Maildir 
> folder (I'm using Maildir format, not mbox), as I can see the mail 
> message file appear.  However, the message file is in plaintext and is 
> not encrypted.  But, if, using my Thunderbird email client connected to 
> that account via IMAP, I move that message out of the inbox of that 
> account to a folder on another account, and then move it back in to the 
> original inbox, the file that appears in the Maildir folder structure IS 
> encrypted.
> 
> I have confirmed that mail_crypt is active in 10-mail.conf, 
> 20-imap.conf, and 20-pop3.conf.  The global public and private keys are 
> working because (a) there are no errors and (b) it DOES encrypt -- just 
> not on incoming email.  mail_crypt_save_version is set 2, as per the 
> docs for Dovecot 2 instruct.
> 
> What am I missing?  Does anyone have any thoughts as to why JUST 
> incoming messages aren't encrypted, but that messages moved into the 
> IMAP account DO get encrypted?  Did I set up something incorrectly? I'm 
> using sendmail as the MTA, if that matters, and messages are routed to 
> the user's Maildir folder structure using a .procmailrc in that user's 
> home folder.
> -Dave

Dovecot cannot magically encrypt your email, so it has to go thru dovecot-lda or lmtp. Procmail can call dovecot-lda, if you don't want to migrate to using sieve.

Aki