Hi!
Some replies:
1. the problem with mail_crypt_global_public_key, there is a bug that we are
fixing where file inputs under plugin { } section do not get aboard.
workaround 1:
You can base64 encode the PEM key (yes, again), and put it in one line such as
plugin {
mail_crypt_global_public_key = LS0tLS1C.....
}
workaround 2:
Return the key from userdb, you can use same format.
3. The mail_attribute_dict thing requires that setting you discovered, but be
advised that in this mode it will create a keypair for each user, and keypair
per folder.
For security and performance reasons, we recommend using ECDSA keys instead of
RSA keys.
---
Aki Tuomi
Dovecot oy
> On January 17, 2017 at 4:40 PM Evgeniy Korneechev <ekorneec...@altlinux.org>
> wrote:
>
>
> mail_attribute_dict = file:%h/Maildir/dovecot-attributes > dovecot.conf
>
> Apparently so?))
>
> ----- Исходное сообщение -----
> > От: "Evgeniy Korneechev" <ekorneec...@altlinux.org>
> > Кому: "dovecot" <dovecot@dovecot.org>
> > Отправленные: Вторник, 17 Январь 2017 г 17:32:38
> > Тема: Re: Plugin "mail_crypt" does not work
>
> > Hi, guys. Also, currently a problem (with
> > http://wiki2.dovecot.org/Plugins/MailCrypt#EC_key):
> >
> > # dovecot mailbox cryptokey generate -u n...@example.com -UR
> > doveadm(n...@example.com): Error:
> > mail_crypt_user_get_public_key(n...@example.com) failed:
> > mailbox_attribute_get(INBOX,
> > /shared/vendor/vendor.dovecot/pvt/server/vendor/vendor.dovecot/pvt/crypt/active)
> > failed: Mailbox attributes not enabled
> >
> > Something is wrong in the settings? Or bug?
> >
> >
> > The same error in log when sending emails (with
> > http://wiki2.dovecot.org/Plugins/MailCrypt#Base64_encoded_keys):
> >
> > Error: sieve: msgid=<57720a813eb7817c80ff67b21718a...@example.com>: failed
> > to
> > store into mailbox 'INBOX':
> > get_public_key(INBOX) failed: mailbox_attribute_get(INBOX,
> > /shared/vendor/vendor.dovecot/pvt/crypt/active) failed:
> > Mailbox attributes not enabled
> >
> > Any ideas?
> >
> >
> > ----- Исходное сообщение -----
> >> От: "Evgeniy Korneechev" <ekorneec...@altlinux.org>
> >> Кому: "dovecot" <dovecot@dovecot.org>
> >> Отправленные: Понедельник, 16 Январь 2017 г 18:17:44
> >> Тема: Re: Plugin "mail_crypt" does not work
> >
> >> We tried these rights:
> >>
> >> [root@mail44 dovecot]# ls -la
> >> итого 80
> >> drwxr-xr-x 8 root root 4096 янв 13 13:17 .
> >> drwxr-xr-x 98 root root 12288 янв 11 11:47 ..
> >> drwxrwxrwx 2 root root 4096 янв 10 15:58 eckey
> >> drwxr-xr-x 2 root root 4096 янв 13 12:42 eckey2
> >> drwxr-xr-x 2 vmail vmail 4096 янв 11 09:14 RSAkey
> >>
> >> [root@mail44 dovecot]# cd eckey2
> >> [root@mail44 eckey2]# ls -la
> >> итого 16
> >> drwxr-xr-x 2 root root 4096 янв 13 12:42 .
> >> drwxr-xr-x 8 root root 4096 янв 13 13:17 ..
> >> -rw-r--r-- 1 root root 316 янв 13 12:41 ecprivkey.pem
> >> -rw-r--r-- 1 root root 232 янв 13 12:42 ecpubkey.pem
> >>
> >> ----- Исходное сообщение -----
> >>> От: "Aki Tuomi" <aki.tu...@dovecot.fi>
> >>> Кому: "dovecot" <dovecot@dovecot.org>
> >>> Отправленные: Пятница, 13 Январь 2017 г 14:18:55
> >>> Тема: Re: Plugin "mail_crypt" does not work
> >>
> >>> On 13.01.2017 12:21, Evgeniy Korneechev wrote:
> >>>> mail_crypt_global_public_key = </etc/dovecot/eckey/ecpubkey.pem
> >>>
> >>> Is this world-wide readable file? Is LDA able to access this?
> >>>
> >>> Aki
> >>
> >> --
> >> WBR,
> >> BaseALT/ALTLinux Team
> >
> > --
> > WBR,
> > BaseALT/ALTLinux Team
>
> --
> WBR,
> BaseALT/ALTLinux Team
