On 2015-02-08 10:56, Gilles Chehade wrote: > On Sun, Feb 08, 2015 at 12:33:15PM +1100, junying wrote: > > Hi Gilles, > > > > Hi, > > > > Sorry for my ignorance but I noticed that in smtpd.conf(5) that there is > > queue encryption which encrypts envelopes and messages. Can this be similar > > in anyway to what Lavabit used to do with end to end encryption with emails? > > > > Jason is partly right in his answer, queue encryption is not enough. > > When receiving mail OpenSMTPD will commit it to a queue which guarantees > that by the time the client disconnects we have written the message on a > permanent storage in case the daemon crashes, there's a power outage, or > the admin simply shuts down the daemon. > > Mails are then either distributed locally to a user mailbox, or they are > sent to another host which will distribue locally or send to another one > and so on. > > The queue encryption ONLY protects the mails while they're in queue, and > as soon as they are moved out of this queue they're no longer encrypted. > So, if you were to build a Lavabit clone, this would only solve one part > of the problem. > > Let's dig further into what's needed for a Lavabit clone since it is not > too hard to build one for yourself and it's a fun project. > > > 1- you need the queue to be encrypted. > 2- you need mails delivered to the users to be encrypted. > 3- you need mails to be decrypted when a user retrieves them. > > > The 1- part is easy, it's the queue encryption in OpenSMTPD. It protects > the mails while they are waiting to be delivered. > > The 2- part is also easy, you need a little script which reads a mail on > its standard input, encrypt it with the user public key and output it to > the user mailbox. I have done something similar, and we're talking about > a 30 lines python script. > > The 3- part is harder, you need to modify a pop3/imap4 server or write a > pop3/imap4 proxy so that when the user retrieves mails, the password can > be used to decrypt the private key and decrypt mails as user fetches. It > is not a very very hard task, but it requires a bit of work. >
As an alternative, you could have the above mentioned python script encrypt them using the end-users' gpg key. In this scenario, the email client can do the decryption, and you avoid having to (re) implement step 3. > > Queue encryption solves 1/3rd of the problem, the two others are outside > the OpenSMTPD scope. > > > -- > Gilles Chehade > > https://www.poolp.org @poolpOrg > > -- > You received this mail because you are subscribed to [email protected] > To unsubscribe, send a mail to: [email protected] > -- Hugo Osvaldo Barrera A: Because we read from top to bottom, left to right. Q: Why should I start my reply below the quoted text?
pgpPIfEOAls3W.pgp
Description: PGP signature
