Setting up individual encrypted user keys using mail-crypt-plugin

Aki Tuomi aki.tuomi at open-xchange.com
Thu May 16 08:58:06 EEST 2019


On 16.5.2019 4.32, emordin via dovecot wrote:
> Hi,
> I have setup up a simple mail server using the ISPMail tutorial and
> I'm trying to learn how to create email encryption at rest.
>
> I'm having a tough time understanding how to set this up...
>
> So say a user logins thru roundcube and they type in their
> password...so the password authenticates to the mysql database which
> is storing their encrypted private key?? And once they access that
> private key, how do they use that private key to unencrypt their mailbox?
>

You can export mail_crypt_global_private_key_password from userdb to
specify how to do derive password to decrypt the private key. Or just
provide it there. Private key should be exported as
mail_crypt_global_private_key variable in userdb, and the corresponding
public key mail_crypt_global_public_key.


> I'm a super noob at this, and I may be off, but I don't know where to
> start when it comes to setting this up... if I'm way off could you
> just recommend some tutorials or other basics I should learn first
> before moving on to setting this up?
>
>
> Sent with ProtonMail <https://protonmail.com> Secure Email.
>

Aki
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://dovecot.org/pipermail/dovecot/attachments/20190516/6b450ac6/attachment.html>


More information about the dovecot mailing list