Plugins/Mailcrypt: mail_crypt_private_password not assigned by password_query

Max Kostikov max at kostikov.co
Mon May 20 02:02:41 EEST 2019


I try to use Mailcrypt encrypted user keys with conjustion with dbsync 
replication(Dovecot 2.3.6 in FreeBSD 12.0 enviroment) but was 
unsuccessful.
If I provide a password in mail_crypt_private_password variable directly 
in Dovecot config all things works as expected

plugin {
     mail_crypt_curve = prime256v1
     mail_crypt_save_version = 2
     mail_crypt_require_encrypted_user_key = yes
     mail_crypt_private_password = 12345
}

but when I remove this and trying to get the same user password in 
password_query it seems password doesn't assigned

password_query  = SELECT username AS user, password, \
                   '%w' AS userdb_mail_crypt_private_password \
                   FROM mailbox WHERE username = LCASE('%u') \
                   AND active = '1'

with errors like this in log at server where message was accepted from 
remote system

May 20 00:40:31 server1 dovecot[35417]: 
dsync-local(foo at example.com)<Y51qBF/b4VyHigAAJQnBKg>: Error: 
dsync(server1.example.com): read() failed: 
read(/var/mail/example.com/foo/new/1558305609.M674400P35456.server1.example.com,S=4493,W=4601:2,a) 
failed: Private key not available: Cannot decrypt key 
a4ceb2df0287c0c0ccb0d76e31d91824e1f13e9ffe63d1e04a9a233a073d8a64: Cannot 
decrypt key 
5d19a9246ddce2759a21462974add562dd90f2cb2aa3ff6a5af1af1e3e9b58e6: 
Password not available (last sent=mail, last recv=mail_request (EOL))

and errors at replica server

May 20 00:40:31 server2 dovecot[63985]: 
dsync-local(foo at example.com)<MpW+HV/b4VwD+wAAfP91Tw>: Error: 
dsync(server2.example.com): read() failed: read() failed: dot-input 
stream ends without '.' line (last sent=mail_request (EOL), last 
recv=mail)

The question is it possible to have password encrypted user keys with 
Dovecot dbsync replication or we found a new bug?

-- 
With best regards,
Max Kostikov

W: https://kostikov.co | DeltaChat: mk at eprove.net


More information about the dovecot mailing list