Re: Plugin "mail_crypt" does not work
Hi, Aki! > 1. the problem with mail_crypt_global_public_key, there is a bug that we are > fixing where file inputs under plugin { } section do not get aboard. > > workaround 1: > You can base64 encode the PEM key (yes, again), and put it in one line such as > > plugin { > mail_crypt_global_public_key = LS0tLS1C. Its work!!! Thank you! > 3. The mail_attribute_dict thing requires that setting you discovered, but be > advised that in this mode it will create a keypair for each user, and keypair > per folder. Its work, too! (with "$mail_attribute_dict" -> dovecot.conf) PS > there is a bug that we are fixing Already there is a patch? Or waiting for new release? -- WBR, BaseALT/ALTLinux Team
Re: Plugin "mail_crypt" does not work
Hi! Some replies: 1. the problem with mail_crypt_global_public_key, there is a bug that we are fixing where file inputs under plugin { } section do not get aboard. workaround 1: You can base64 encode the PEM key (yes, again), and put it in one line such as plugin { mail_crypt_global_public_key = LS0tLS1C. } workaround 2: Return the key from userdb, you can use same format. 3. The mail_attribute_dict thing requires that setting you discovered, but be advised that in this mode it will create a keypair for each user, and keypair per folder. For security and performance reasons, we recommend using ECDSA keys instead of RSA keys. --- Aki Tuomi Dovecot oy > On January 17, 2017 at 4:40 PM Evgeniy Korneechev <ekorneec...@altlinux.org> > wrote: > > > mail_attribute_dict = file:%h/Maildir/dovecot-attributes > dovecot.conf > > Apparently so?)) > > - Исходное сообщение - > > От: "Evgeniy Korneechev" <ekorneec...@altlinux.org> > > Кому: "dovecot" <dovecot@dovecot.org> > > Отправленные: Вторник, 17 Январь 2017 г 17:32:38 > > Тема: Re: Plugin "mail_crypt" does not work > > > Hi, guys. Also, currently a problem (with > > http://wiki2.dovecot.org/Plugins/MailCrypt#EC_key): > > > > # dovecot mailbox cryptokey generate -u n...@example.com -UR > > doveadm(n...@example.com): Error: > > mail_crypt_user_get_public_key(n...@example.com) failed: > > mailbox_attribute_get(INBOX, > > /shared/vendor/vendor.dovecot/pvt/server/vendor/vendor.dovecot/pvt/crypt/active) > > failed: Mailbox attributes not enabled > > > > Something is wrong in the settings? Or bug? > > > > > > The same error in log when sending emails (with > > http://wiki2.dovecot.org/Plugins/MailCrypt#Base64_encoded_keys): > > > > Error: sieve: msgid=<57720a813eb7817c80ff67b21718a...@example.com>: failed > > to > > store into mailbox 'INBOX': > > get_public_key(INBOX) failed: mailbox_attribute_get(INBOX, > > /shared/vendor/vendor.dovecot/pvt/crypt/active) failed: > > Mailbox attributes not enabled > > > > Any ideas? > > > > > > - Исходное сообщение - > >> От: "Evgeniy Korneechev" <ekorneec...@altlinux.org> > >> Кому: "dovecot" <dovecot@dovecot.org> > >> Отправленные: Понедельник, 16 Январь 2017 г 18:17:44 > >> Тема: Re: Plugin "mail_crypt" does not work > > > >> We tried these rights: > >> > >> [root@mail44 dovecot]# ls -la > >> итого 80 > >> drwxr-xr-x 8 root root 4096 янв 13 13:17 . > >> drwxr-xr-x 98 root root 12288 янв 11 11:47 .. > >> drwxrwxrwx 2 root root 4096 янв 10 15:58 eckey > >> drwxr-xr-x 2 root root 4096 янв 13 12:42 eckey2 > >> drwxr-xr-x 2 vmail vmail 4096 янв 11 09:14 RSAkey > >> > >> [root@mail44 dovecot]# cd eckey2 > >> [root@mail44 eckey2]# ls -la > >> итого 16 > >> drwxr-xr-x 2 root root 4096 янв 13 12:42 . > >> drwxr-xr-x 8 root root 4096 янв 13 13:17 .. > >> -rw-r--r-- 1 root root 316 янв 13 12:41 ecprivkey.pem > >> -rw-r--r-- 1 root root 232 янв 13 12:42 ecpubkey.pem > >> > >> - Исходное сообщение - > >>> От: "Aki Tuomi" <aki.tu...@dovecot.fi> > >>> Кому: "dovecot" <dovecot@dovecot.org> > >>> Отправленные: Пятница, 13 Январь 2017 г 14:18:55 > >>> Тема: Re: Plugin "mail_crypt" does not work > >> > >>> On 13.01.2017 12:21, Evgeniy Korneechev wrote: > >>>> mail_crypt_global_public_key = >>> > >>> Is this world-wide readable file? Is LDA able to access this? > >>> > >>> Aki > >> > >> -- > >> WBR, > >> BaseALT/ALTLinux Team > > > > -- > > WBR, > > BaseALT/ALTLinux Team > > -- > WBR, > BaseALT/ALTLinux Team
Re: Plugin "mail_crypt" does not work
mail_attribute_dict = file:%h/Maildir/dovecot-attributes > dovecot.conf Apparently so?)) - Исходное сообщение - > От: "Evgeniy Korneechev" <ekorneec...@altlinux.org> > Кому: "dovecot" <dovecot@dovecot.org> > Отправленные: Вторник, 17 Январь 2017 г 17:32:38 > Тема: Re: Plugin "mail_crypt" does not work > Hi, guys. Also, currently a problem (with > http://wiki2.dovecot.org/Plugins/MailCrypt#EC_key): > > # dovecot mailbox cryptokey generate -u n...@example.com -UR > doveadm(n...@example.com): Error: > mail_crypt_user_get_public_key(n...@example.com) failed: > mailbox_attribute_get(INBOX, > /shared/vendor/vendor.dovecot/pvt/server/vendor/vendor.dovecot/pvt/crypt/active) > failed: Mailbox attributes not enabled > > Something is wrong in the settings? Or bug? > > > The same error in log when sending emails (with > http://wiki2.dovecot.org/Plugins/MailCrypt#Base64_encoded_keys): > > Error: sieve: msgid=<57720a813eb7817c80ff67b21718a...@example.com>: failed to > store into mailbox 'INBOX': > get_public_key(INBOX) failed: mailbox_attribute_get(INBOX, > /shared/vendor/vendor.dovecot/pvt/crypt/active) failed: > Mailbox attributes not enabled > > Any ideas? > > > - Исходное сообщение - >> От: "Evgeniy Korneechev" <ekorneec...@altlinux.org> >> Кому: "dovecot" <dovecot@dovecot.org> >> Отправленные: Понедельник, 16 Январь 2017 г 18:17:44 >> Тема: Re: Plugin "mail_crypt" does not work > >> We tried these rights: >> >> [root@mail44 dovecot]# ls -la >> итого 80 >> drwxr-xr-x 8 root root 4096 янв 13 13:17 . >> drwxr-xr-x 98 root root 12288 янв 11 11:47 .. >> drwxrwxrwx 2 root root 4096 янв 10 15:58 eckey >> drwxr-xr-x 2 root root 4096 янв 13 12:42 eckey2 >> drwxr-xr-x 2 vmail vmail 4096 янв 11 09:14 RSAkey >> >> [root@mail44 dovecot]# cd eckey2 >> [root@mail44 eckey2]# ls -la >> итого 16 >> drwxr-xr-x 2 root root 4096 янв 13 12:42 . >> drwxr-xr-x 8 root root 4096 янв 13 13:17 .. >> -rw-r--r-- 1 root root 316 янв 13 12:41 ecprivkey.pem >> -rw-r--r-- 1 root root 232 янв 13 12:42 ecpubkey.pem >> >> - Исходное сообщение - >>> От: "Aki Tuomi" <aki.tu...@dovecot.fi> >>> Кому: "dovecot" <dovecot@dovecot.org> >>> Отправленные: Пятница, 13 Январь 2017 г 14:18:55 >>> Тема: Re: Plugin "mail_crypt" does not work >> >>> On 13.01.2017 12:21, Evgeniy Korneechev wrote: >>>> mail_crypt_global_public_key = >> >>> Is this world-wide readable file? Is LDA able to access this? >>> >>> Aki >> >> -- >> WBR, >> BaseALT/ALTLinux Team > > -- > WBR, > BaseALT/ALTLinux Team -- WBR, BaseALT/ALTLinux Team
Re: Plugin "mail_crypt" does not work
Hi, guys. Also, currently a problem (with http://wiki2.dovecot.org/Plugins/MailCrypt#EC_key): # dovecot mailbox cryptokey generate -u n...@example.com -UR doveadm(n...@example.com): Error: mail_crypt_user_get_public_key(n...@example.com) failed: mailbox_attribute_get(INBOX, /shared/vendor/vendor.dovecot/pvt/server/vendor/vendor.dovecot/pvt/crypt/active) failed: Mailbox attributes not enabled Something is wrong in the settings? Or bug? The same error in log when sending emails (with http://wiki2.dovecot.org/Plugins/MailCrypt#Base64_encoded_keys): Error: sieve: msgid=<57720a813eb7817c80ff67b21718a...@example.com>: failed to store into mailbox 'INBOX': get_public_key(INBOX) failed: mailbox_attribute_get(INBOX, /shared/vendor/vendor.dovecot/pvt/crypt/active) failed: Mailbox attributes not enabled Any ideas? - Исходное сообщение - > От: "Evgeniy Korneechev" <ekorneec...@altlinux.org> > Кому: "dovecot" <dovecot@dovecot.org> > Отправленные: Понедельник, 16 Январь 2017 г 18:17:44 > Тема: Re: Plugin "mail_crypt" does not work > We tried these rights: > > [root@mail44 dovecot]# ls -la > итого 80 > drwxr-xr-x 8 root root 4096 янв 13 13:17 . > drwxr-xr-x 98 root root 12288 янв 11 11:47 .. > drwxrwxrwx 2 root root 4096 янв 10 15:58 eckey > drwxr-xr-x 2 root root 4096 янв 13 12:42 eckey2 > drwxr-xr-x 2 vmail vmail 4096 янв 11 09:14 RSAkey > > [root@mail44 dovecot]# cd eckey2 > [root@mail44 eckey2]# ls -la > итого 16 > drwxr-xr-x 2 root root 4096 янв 13 12:42 . > drwxr-xr-x 8 root root 4096 янв 13 13:17 .. > -rw-r--r-- 1 root root 316 янв 13 12:41 ecprivkey.pem > -rw-r--r-- 1 root root 232 янв 13 12:42 ecpubkey.pem > > - Исходное сообщение - >> От: "Aki Tuomi" <aki.tu...@dovecot.fi> >> Кому: "dovecot" <dovecot@dovecot.org> >> Отправленные: Пятница, 13 Январь 2017 г 14:18:55 >> Тема: Re: Plugin "mail_crypt" does not work > >> On 13.01.2017 12:21, Evgeniy Korneechev wrote: >>> mail_crypt_global_public_key = > >> Is this world-wide readable file? Is LDA able to access this? >> >> Aki > > -- > WBR, > BaseALT/ALTLinux Team -- WBR, BaseALT/ALTLinux Team
Re: Plugin "mail_crypt" does not work
We tried these rights: [root@mail44 dovecot]# ls -la итого 80 drwxr-xr-x 8 root root 4096 янв 13 13:17 . drwxr-xr-x 98 root root 12288 янв 11 11:47 .. drwxrwxrwx 2 root root 4096 янв 10 15:58 eckey drwxr-xr-x 2 root root 4096 янв 13 12:42 eckey2 drwxr-xr-x 2 vmail vmail 4096 янв 11 09:14 RSAkey [root@mail44 dovecot]# cd eckey2 [root@mail44 eckey2]# ls -la итого 16 drwxr-xr-x 2 root root 4096 янв 13 12:42 . drwxr-xr-x 8 root root 4096 янв 13 13:17 .. -rw-r--r-- 1 root root 316 янв 13 12:41 ecprivkey.pem -rw-r--r-- 1 root root 232 янв 13 12:42 ecpubkey.pem - Исходное сообщение - > От: "Aki Tuomi" <aki.tu...@dovecot.fi> > Кому: "dovecot" <dovecot@dovecot.org> > Отправленные: Пятница, 13 Январь 2017 г 14:18:55 > Тема: Re: Plugin "mail_crypt" does not work > On 13.01.2017 12:21, Evgeniy Korneechev wrote: >> mail_crypt_global_public_key = > Is this world-wide readable file? Is LDA able to access this? > > Aki -- WBR, BaseALT/ALTLinux Team
Re: Plugin "mail_crypt" does not work
On 13.01.2017 12:21, Evgeniy Korneechev wrote: > mail_crypt_global_public_key =