mail_crypt_private_password cannot be hashed, as it's used to encrypt the key.
Aki > On 06/08/2020 10:06 secure.light.0417.road > <[email protected]> wrote: > > > I've tried to append the field > "userdb_mail_crypt_private_password=<same-hashed-password-in-passwd-file>" to > the end of each user line in userdb as passwd-file. And use the command below > to generate keys. > > doveadm -o plugin/mail_crypt_private_password=<not-hashed-user-password> > mailbox cryptokey generate -u <username> -U > > I confirmed mail encryption work properly. > > Also I've compared two "dovecot-attribute" files with and without > "mail_crypt_require_encrypted_user_key = yes". Seemingly they have no > difference. How to check that the private key in dovecot-attribute be > encrypted properly? > > narangd > > Sent with ProtonMail Secure Email. > > ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ > On Thursday, August 6, 2020 1:03 AM, Aki Tuomi <[email protected]> > wrote: > > > > On 05/08/2020 18:45 secure.light.0417.road > > > [email protected] wrote: > > > Hello, > > > Can the mail_crypt "folder keys" feature be used with encrypted user keys > > > in passwd-file without sql database? It seems that there is no guide in > > > the docs. > > > Best regards, > > > narangd > > > > Dovecot stores folder and user keys into mail_attribute_dict. This does not > > have to be SQL database. > > > > You can also add `userdb_mail_crypt_private_password` into passwd-file to > > provide it if you use passwd-file as userdb. > > > > Aki
