encrypt incoming emails with public gpg key before they are stored to maildir

Stephan Bosch stephan at rename-it.nl
Wed Oct 30 19:21:38 EET 2019



On 30/10/2019 15:29, Fourhundred Thecat via dovecot wrote:
> Hello,
>
> I have asked on the postfix mailing list for a solution, how to encrypt
> incoming emails with public gpg key
>
> My original idea was to use a smtpd-milter, which would encrypt all
> incoming plaintext messages of given user, using the user's public gpg
> key. This way, it would look as if the original sender has sent the
> message encrypted.
>
> Somebody suggested this might be better done in Dovecot, as it is
> Dovecot who stores the emails in Maildir.
>
> Does anybody have any suggestions how to implement this scheme in Dovecot ?

Something like this?

https://perot.me/encrypt-specific-incoming-emails-using-dovecot-and-sieve

Regards,

Stephan.

> I am including the original email below:
>
>> when new email arrives, and it is not already encrypted, I would like to
>> run it through a filter, which would encrypt the message with my public
>> gpg key, as if the original sender has sent the email encrypted.
>>
>> Why do I want to do this ? Why not ask the sender to send encrypted
>> messages to start with ?
>>
>> Let's say my bank sends me emails. I cannot force my bank to use gpg
>> encryption. I am happy they use email at all, instead of paper mail.
>>
>> My email server is untrusted. It can be hacked into and emails stolen.
>> Full disk encryption will not help, because the disk must be decrypted
>> during runtime.
>>
>> With my scheme, all emails would be stored encrypted on my server, and
>> decryption key does not exist on the server (emails are decrypted on my
>> local client)
>>
>> What would be the best way to implement this ?
>>
>> Can such filter work, without ever storing plaintext email on disk ?
> thanks,
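
Added example, not part of the thread and not taken from the linked article: a stdin-to-stdout filter that wraps a not-yet-encrypted message as PGP/MIME (RFC 3156), so only the public key is needed on the server. `RECIPIENT` is a placeholder, the key is assumed to be in the filter user's keyring already, and how the filter is hooked into delivery (for example from Sieve) is left out.

```python
import subprocess
import sys
from email import message_from_bytes
from email.message import Message

RECIPIENT = "user@example.org"  # assumption: placeholder for the mailbox owner's key

def is_encrypted(msg):
    """True for PGP/MIME (RFC 3156) or inline ASCII-armored PGP messages."""
    if msg.get_content_type() == "multipart/encrypted":
        return True
    body = b"" if msg.is_multipart() else (msg.get_payload(decode=True) or b"")
    return body.lstrip().startswith(b"-----BEGIN PGP MESSAGE-----")

def gpg_encrypt(plaintext):
    """Encrypt to RECIPIENT; gpg needs only the public key for this."""
    # --trust-model always: a delivery filter cannot answer trust prompts.
    cmd = ["gpg", "--batch", "--no-tty", "--armor", "--trust-model", "always",
           "--encrypt", "--recipient", RECIPIENT]
    proc = subprocess.run(cmd, input=plaintext, stdout=subprocess.PIPE, check=True)
    return proc.stdout

def part(content_type, payload):
    p = Message()
    p["Content-Type"] = content_type
    p.set_payload(payload)
    return p

def encrypt_message(raw, encrypt=gpg_encrypt):
    msg = message_from_bytes(raw)
    if is_encrypted(msg):
        return raw  # leave sender-encrypted mail untouched
    inner, outer = Message(), Message()
    for name, value in msg.items():
        # Content-* headers describe the body, so they move inside the ciphertext;
        # routing headers (From, To, Subject, Received, ...) stay readable outside.
        (inner if name.lower().startswith("content-") else outer)[name] = value
    inner.set_payload(msg.get_payload())
    armored = encrypt(inner.as_bytes()).decode("ascii")
    if "MIME-Version" not in outer:
        outer["MIME-Version"] = "1.0"
    outer["Content-Type"] = 'multipart/encrypted; protocol="application/pgp-encrypted"'
    outer.attach(part("application/pgp-encrypted", "Version: 1\n"))
    outer.attach(part("application/octet-stream", armored))
    return outer.as_bytes()

if __name__ == "__main__":
    # Filter mode: message on stdin, result on stdout; this process writes no file.
    sys.stdout.buffer.write(encrypt_message(sys.stdin.buffer.read()))
```

The filter itself keeps the plaintext in memory only; anything that spools the message before the filter runs is outside its control. Headers such as Subject remain in clear text in the stored message.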


