On 05/16/2018 06:07 AM, Aki Tuomi wrote: >> On 15 May 2018 at 22:43 Gandalf Corvotempesta >> <gandalf.corvotempe...@gmail.com> wrote: >> Is possible to implement and end-to-end encryption with dovecot, where >> server-side there is no private key to decrypt messages? > > You could probably automate this with sieve and e.g. GnuPG, which would mean > that all your mails are encrypted without server having key to decrypt this.
Considering the keywords "dovecot" and "sieve", that would still not be "end to end" and not even "MSA to MX"(-ish) but merely "encrypted storage upon/after final delivery", wouldn't it ... ? FWIW, for auto-encrypting someplace near the MSA, I've used the "GPGPit" tool that's available on the web (and that I've made into an "SMIMEit" myself). The nontrivial problem with that is to retrieve recipients' pubkeys in an even remotely trustworthy manner, of course. Regards, -- Jochen Bern Systemingenieur www.binect.de www.facebook.de/binect
smime.p7s
Description: S/MIME Cryptographic Signature
