Thank you Aki, I will try to dig into that direction.

On 05/26/2017 04:44 PM, Aki Tuomi wrote:
On May 26, 2017 at 5:13 PM "[email protected]" <[email protected]> wrote:

Hello Community,

(sorry to be more busy, hence more running questions in parallel :) )

As mentioned in another post, I am testing mail_crypt plugin. I was wondering how to really secure the process so that even the admin cannot have any access to the other users' mail content.

My current config is simple:
- using per-folder keys (hence the per-user spaces are preserved)
- put the public/private global keys in base64 format into the sql DB (elliptic algo)

This obviously allows anyone with read access to the table to decrypt the mails from the filesystem... which I try to prevent.

Considering of course that all mail users are virtual and do not (and may not) have access to the box itself:
- how can I secure the keys? I do not see how to handle a password for them?
- a solution might be to crypt/decrypt the keys using the user's password?
- other?

Thank you for your help. (sorry for possible duplicate)

You can use userdb attribute mail_crypt_private_password to encrypt the private key. You can use something like

userdb_mail_crypt_private_password = %{pkcs5;salt=<random string>%Lu:password}

to generate the encryption password on the fly from passdb.

Aki Tuomi
Dovecot Oy
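
The derivation suggested in the reply, sketched in Python as an added example (not part of the thread and not Dovecot's code). It assumes PBKDF2-HMAC-SHA256 with 2048 rounds and hex output; `SITE_SALT` and the function names are hypothetical, and the sample users and passwords are constructed.

```python
import hashlib
import hmac

# Assumed parameters, not taken from the thread.
ROUNDS = 2048
SITE_SALT = "constructed-random-string"  # stands in for <random string>


def derive_key_password(username: str, login_password: str,
                        site_salt: str = SITE_SALT,
                        rounds: int = ROUNDS) -> str:
    """Derive the private-key password from the login password.

    The salt is the site string followed by the lowercased username,
    mirroring salt=<random string>%Lu in the reply. The result exists
    only while the user authenticates; it is never written to the SQL
    table, so read access to the table alone does not unlock the key.
    """
    salt = (site_salt + username.lower()).encode("utf-8")
    derived = hashlib.pbkdf2_hmac("sha256", login_password.encode("utf-8"),
                                  salt, rounds)
    return derived.hex()


def rewrap_needed(username: str, old_password: str, new_password: str) -> bool:
    """True when a password change alters the derived key password.

    In that case the stored private key has to be re-encrypted under the
    new derived password while the old one is still known, otherwise the
    user's existing mail becomes unreadable.
    """
    old = derive_key_password(username, old_password)
    new = derive_key_password(username, new_password)
    return not hmac.compare_digest(old, new)


if __name__ == "__main__":
    # Constructed sample accounts.
    alice = derive_key_password("Alice@example.org", "correct horse")
    bob = derive_key_password("bob@example.org", "correct horse")
    print("alice:", alice)
    print("bob:  ", bob)  # same login password, different key password
    print("rewrap after change:",
          rewrap_needed("alice@example.org", "correct horse", "new secret"))
```

The per-user salt makes two users with the same login password end up with different key passwords, and any password change has to be paired with re-encrypting the stored private key.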
