Re: Plugin "mail_crypt" does not work
Hi, Aki!
> 1. the problem with mail_crypt_global_public_key, there is a bug that we are
> fixing where file inputs under plugin { } section do not get aboard.
>
> workaround 1:
> You can base64 encode the PEM key (yes, again), and put it in one line such as
>
> plugin {
> mail_crypt_global_public_key = LS0tLS1C.
Its work!!! Thank you!
> 3. The mail_attribute_dict thing requires that setting you discovered, but be
> advised that in this mode it will create a keypair for each user, and keypair
> per folder.
Its work, too! (with "$mail_attribute_dict" -> dovecot.conf)
PS
> there is a bug that we are fixing
Already there is a patch? Or waiting for new release?
--
WBR,
BaseALT/ALTLinux Team
Re: Plugin "mail_crypt" does not work
Hi!
Some replies:
1. the problem with mail_crypt_global_public_key, there is a bug that we are
fixing where file inputs under plugin { } section do not get aboard.
workaround 1:
You can base64 encode the PEM key (yes, again), and put it in one line such as
plugin {
mail_crypt_global_public_key = LS0tLS1C.
}
workaround 2:
Return the key from userdb, you can use same format.
3. The mail_attribute_dict thing requires that setting you discovered, but be
advised that in this mode it will create a keypair for each user, and keypair
per folder.
For security and performance reasons, we recommend using ECDSA keys instead of
RSA keys.
---
Aki Tuomi
Dovecot oy
> On January 17, 2017 at 4:40 PM Evgeniy Korneechev <ekorneec...@altlinux.org>
> wrote:
>
>
> mail_attribute_dict = file:%h/Maildir/dovecot-attributes > dovecot.conf
>
> Apparently so?))
>
> - Исходное сообщение -
> > От: "Evgeniy Korneechev" <ekorneec...@altlinux.org>
> > Кому: "dovecot" <dovecot@dovecot.org>
> > Отправленные: Вторник, 17 Январь 2017 г 17:32:38
> > Тема: Re: Plugin "mail_crypt" does not work
>
> > Hi, guys. Also, currently a problem (with
> > http://wiki2.dovecot.org/Plugins/MailCrypt#EC_key):
> >
> > # dovecot mailbox cryptokey generate -u n...@example.com -UR
> > doveadm(n...@example.com): Error:
> > mail_crypt_user_get_public_key(n...@example.com) failed:
> > mailbox_attribute_get(INBOX,
> > /shared/vendor/vendor.dovecot/pvt/server/vendor/vendor.dovecot/pvt/crypt/active)
> > failed: Mailbox attributes not enabled
> >
> > Something is wrong in the settings? Or bug?
> >
> >
> > The same error in log when sending emails (with
> > http://wiki2.dovecot.org/Plugins/MailCrypt#Base64_encoded_keys):
> >
> > Error: sieve: msgid=<57720a813eb7817c80ff67b21718a...@example.com>: failed
> > to
> > store into mailbox 'INBOX':
> > get_public_key(INBOX) failed: mailbox_attribute_get(INBOX,
> > /shared/vendor/vendor.dovecot/pvt/crypt/active) failed:
> > Mailbox attributes not enabled
> >
> > Any ideas?
> >
> >
> > - Исходное сообщение -
> >> От: "Evgeniy Korneechev" <ekorneec...@altlinux.org>
> >> Кому: "dovecot" <dovecot@dovecot.org>
> >> Отправленные: Понедельник, 16 Январь 2017 г 18:17:44
> >> Тема: Re: Plugin "mail_crypt" does not work
> >
> >> We tried these rights:
> >>
> >> [root@mail44 dovecot]# ls -la
> >> итого 80
> >> drwxr-xr-x 8 root root 4096 янв 13 13:17 .
> >> drwxr-xr-x 98 root root 12288 янв 11 11:47 ..
> >> drwxrwxrwx 2 root root 4096 янв 10 15:58 eckey
> >> drwxr-xr-x 2 root root 4096 янв 13 12:42 eckey2
> >> drwxr-xr-x 2 vmail vmail 4096 янв 11 09:14 RSAkey
> >>
> >> [root@mail44 dovecot]# cd eckey2
> >> [root@mail44 eckey2]# ls -la
> >> итого 16
> >> drwxr-xr-x 2 root root 4096 янв 13 12:42 .
> >> drwxr-xr-x 8 root root 4096 янв 13 13:17 ..
> >> -rw-r--r-- 1 root root 316 янв 13 12:41 ecprivkey.pem
> >> -rw-r--r-- 1 root root 232 янв 13 12:42 ecpubkey.pem
> >>
> >> - Исходное сообщение -
> >>> От: "Aki Tuomi" <aki.tu...@dovecot.fi>
> >>> Кому: "dovecot" <dovecot@dovecot.org>
> >>> Отправленные: Пятница, 13 Январь 2017 г 14:18:55
> >>> Тема: Re: Plugin "mail_crypt" does not work
> >>
> >>> On 13.01.2017 12:21, Evgeniy Korneechev wrote:
> >>>> mail_crypt_global_public_key = >>>
> >>> Is this world-wide readable file? Is LDA able to access this?
> >>>
> >>> Aki
> >>
> >> --
> >> WBR,
> >> BaseALT/ALTLinux Team
> >
> > --
> > WBR,
> > BaseALT/ALTLinux Team
>
> --
> WBR,
> BaseALT/ALTLinux Team
Re: Plugin "mail_crypt" does not work
mail_attribute_dict = file:%h/Maildir/dovecot-attributes > dovecot.conf Apparently so?)) - Исходное сообщение - > От: "Evgeniy Korneechev" <ekorneec...@altlinux.org> > Кому: "dovecot" <dovecot@dovecot.org> > Отправленные: Вторник, 17 Январь 2017 г 17:32:38 > Тема: Re: Plugin "mail_crypt" does not work > Hi, guys. Also, currently a problem (with > http://wiki2.dovecot.org/Plugins/MailCrypt#EC_key): > > # dovecot mailbox cryptokey generate -u n...@example.com -UR > doveadm(n...@example.com): Error: > mail_crypt_user_get_public_key(n...@example.com) failed: > mailbox_attribute_get(INBOX, > /shared/vendor/vendor.dovecot/pvt/server/vendor/vendor.dovecot/pvt/crypt/active) > failed: Mailbox attributes not enabled > > Something is wrong in the settings? Or bug? > > > The same error in log when sending emails (with > http://wiki2.dovecot.org/Plugins/MailCrypt#Base64_encoded_keys): > > Error: sieve: msgid=<57720a813eb7817c80ff67b21718a...@example.com>: failed to > store into mailbox 'INBOX': > get_public_key(INBOX) failed: mailbox_attribute_get(INBOX, > /shared/vendor/vendor.dovecot/pvt/crypt/active) failed: > Mailbox attributes not enabled > > Any ideas? > > > - Исходное сообщение - >> От: "Evgeniy Korneechev" <ekorneec...@altlinux.org> >> Кому: "dovecot" <dovecot@dovecot.org> >> Отправленные: Понедельник, 16 Январь 2017 г 18:17:44 >> Тема: Re: Plugin "mail_crypt" does not work > >> We tried these rights: >> >> [root@mail44 dovecot]# ls -la >> итого 80 >> drwxr-xr-x 8 root root 4096 янв 13 13:17 . >> drwxr-xr-x 98 root root 12288 янв 11 11:47 .. >> drwxrwxrwx 2 root root 4096 янв 10 15:58 eckey >> drwxr-xr-x 2 root root 4096 янв 13 12:42 eckey2 >> drwxr-xr-x 2 vmail vmail 4096 янв 11 09:14 RSAkey >> >> [root@mail44 dovecot]# cd eckey2 >> [root@mail44 eckey2]# ls -la >> итого 16 >> drwxr-xr-x 2 root root 4096 янв 13 12:42 . >> drwxr-xr-x 8 root root 4096 янв 13 13:17 .. >> -rw-r--r-- 1 root root 316 янв 13 12:41 ecprivkey.pem >> -rw-r--r-- 1 root root 232 янв 13 12:42 ecpubkey.pem >> >> - Исходное сообщение - >>> От: "Aki Tuomi" <aki.tu...@dovecot.fi> >>> Кому: "dovecot" <dovecot@dovecot.org> >>> Отправленные: Пятница, 13 Январь 2017 г 14:18:55 >>> Тема: Re: Plugin "mail_crypt" does not work >> >>> On 13.01.2017 12:21, Evgeniy Korneechev wrote: >>>> mail_crypt_global_public_key = >> >>> Is this world-wide readable file? Is LDA able to access this? >>> >>> Aki >> >> -- >> WBR, >> BaseALT/ALTLinux Team > > -- > WBR, > BaseALT/ALTLinux Team -- WBR, BaseALT/ALTLinux Team
Re: Plugin "mail_crypt" does not work
Hi, guys. Also, currently a problem (with http://wiki2.dovecot.org/Plugins/MailCrypt#EC_key): # dovecot mailbox cryptokey generate -u n...@example.com -UR doveadm(n...@example.com): Error: mail_crypt_user_get_public_key(n...@example.com) failed: mailbox_attribute_get(INBOX, /shared/vendor/vendor.dovecot/pvt/server/vendor/vendor.dovecot/pvt/crypt/active) failed: Mailbox attributes not enabled Something is wrong in the settings? Or bug? The same error in log when sending emails (with http://wiki2.dovecot.org/Plugins/MailCrypt#Base64_encoded_keys): Error: sieve: msgid=<57720a813eb7817c80ff67b21718a...@example.com>: failed to store into mailbox 'INBOX': get_public_key(INBOX) failed: mailbox_attribute_get(INBOX, /shared/vendor/vendor.dovecot/pvt/crypt/active) failed: Mailbox attributes not enabled Any ideas? - Исходное сообщение - > От: "Evgeniy Korneechev" <ekorneec...@altlinux.org> > Кому: "dovecot" <dovecot@dovecot.org> > Отправленные: Понедельник, 16 Январь 2017 г 18:17:44 > Тема: Re: Plugin "mail_crypt" does not work > We tried these rights: > > [root@mail44 dovecot]# ls -la > итого 80 > drwxr-xr-x 8 root root 4096 янв 13 13:17 . > drwxr-xr-x 98 root root 12288 янв 11 11:47 .. > drwxrwxrwx 2 root root 4096 янв 10 15:58 eckey > drwxr-xr-x 2 root root 4096 янв 13 12:42 eckey2 > drwxr-xr-x 2 vmail vmail 4096 янв 11 09:14 RSAkey > > [root@mail44 dovecot]# cd eckey2 > [root@mail44 eckey2]# ls -la > итого 16 > drwxr-xr-x 2 root root 4096 янв 13 12:42 . > drwxr-xr-x 8 root root 4096 янв 13 13:17 .. > -rw-r--r-- 1 root root 316 янв 13 12:41 ecprivkey.pem > -rw-r--r-- 1 root root 232 янв 13 12:42 ecpubkey.pem > > - Исходное сообщение - >> От: "Aki Tuomi" <aki.tu...@dovecot.fi> >> Кому: "dovecot" <dovecot@dovecot.org> >> Отправленные: Пятница, 13 Январь 2017 г 14:18:55 >> Тема: Re: Plugin "mail_crypt" does not work > >> On 13.01.2017 12:21, Evgeniy Korneechev wrote: >>> mail_crypt_global_public_key = > >> Is this world-wide readable file? Is LDA able to access this? >> >> Aki > > -- > WBR, > BaseALT/ALTLinux Team -- WBR, BaseALT/ALTLinux Team
Re: Plugin "mail_crypt" does not work
We tried these rights: [root@mail44 dovecot]# ls -la итого 80 drwxr-xr-x 8 root root 4096 янв 13 13:17 . drwxr-xr-x 98 root root 12288 янв 11 11:47 .. drwxrwxrwx 2 root root 4096 янв 10 15:58 eckey drwxr-xr-x 2 root root 4096 янв 13 12:42 eckey2 drwxr-xr-x 2 vmail vmail 4096 янв 11 09:14 RSAkey [root@mail44 dovecot]# cd eckey2 [root@mail44 eckey2]# ls -la итого 16 drwxr-xr-x 2 root root 4096 янв 13 12:42 . drwxr-xr-x 8 root root 4096 янв 13 13:17 .. -rw-r--r-- 1 root root 316 янв 13 12:41 ecprivkey.pem -rw-r--r-- 1 root root 232 янв 13 12:42 ecpubkey.pem - Исходное сообщение - > От: "Aki Tuomi" <aki.tu...@dovecot.fi> > Кому: "dovecot" <dovecot@dovecot.org> > Отправленные: Пятница, 13 Январь 2017 г 14:18:55 > Тема: Re: Plugin "mail_crypt" does not work > On 13.01.2017 12:21, Evgeniy Korneechev wrote: >> mail_crypt_global_public_key = > Is this world-wide readable file? Is LDA able to access this? > > Aki -- WBR, BaseALT/ALTLinux Team
Re: Plugin "mail_crypt" does not work
On 13.01.2017 12:21, Evgeniy Korneechev wrote: > mail_crypt_global_public_key =
