On 16.05.2018 12:56, Jochen Bern wrote:
> On 05/16/2018 06:07 AM, Aki Tuomi wrote:
>>> On 15 May 2018 at 22:43 Gandalf Corvotempesta
>>> <gandalf.corvotempe...@gmail.com> wrote:
>>> Is it possible to implement an end-to-end encryption with dovecot, where
>>> server-side there is no private key to decrypt messages?
>> You could probably automate this with sieve and e.g. GnuPG, which would mean
>> that all your mails are encrypted without server having key to decrypt this.
> Considering the keywords "dovecot" and "sieve", that would still not be
> "end to end" and not even "MSA to MX"(-ish) but merely "encrypted
> storage upon/after final delivery", wouldn't it ... ?
>
> FWIW, for auto-encrypting someplace near the MSA, I've used the "GPGPit"
> tool that's available on the web (and that I've made into an "SMIMEit"
> myself). The nontrivial problem with that is to retrieve recipients'
> pubkeys in an even remotely trustworthy manner, of course.
>
> Regards,

To be strict, 'end to end' would mean that the SENDER would encrypt it on his station, and RECEIVER would only decrypt it on his station. Everything else is not end-to-end =)

Aki