mail-crypt when using passwd-file driver

Plutocrat plutocrat at gmail.com
Thu Dec 31 12:37:27 EET 2020


On 17/12/2020 19.17, Adam Gould wrote:
> I am looking for a solution to encrypt email using a mechanism that increases the difficulty of decrypting my email. For example, having a plain-text decryption key on disk would not be suitable.  From what I understand mail-crypt supports using the user password supplied via IMAP to decrypt email.  Can someone explain how this technically works? i.e. is the private key encrypted in disk and then unlocked using the supplied password?

I can't offer any solutions, but maybe I can help by asking what scenarios are you trying to protect against? So obviously emails in transit between the server will be protected by SSL encryption. And as you mention IMAP, I think you intend all the emails to stay on the server. So now what does that leave?

 - You want to protect against an attacker who gains access to the server (how?) and can escalate privileges and read mails on the disk?
 - You want to protect against an ISP/Data center employee who can get hold of a copy of your VM and read emails from it?
 - You want to protect data stored in backups? 
 - Other ... 

So maybe by understanding your fears, it might be possible to suggest solutions. One more random thought. It seems what you're trying to do is like what Lavabit did. They've opensourced their magma server on github, so it might be worth looking at that, if you haven't already 100 committed to dovecot. Possibly not a popular comment in this forum, but I'll risk it! 

Happy New Year everyone. It is upon us. 

P.




More information about the dovecot mailing list