Hi, I tried to enable encrypted folder keys using mail-crypt-plugin. It works as expected when using unencrypted folder keys. When I add
mail_crypt_require_encrypted_user_key = yes as shown below, I somehow manage to crash dovecot: dovecot: lmtp(82060): Fatal: master: service(lmtp): child 82060 killed with signal 6 (core not dumped - https://dovecot.org/bugreport.html#coredumps - set service lmtp { drop_priv_before_exec=yes }) dovecot: lmtp(67814): Panic: file mail-user.c: line 229 (mail_user_deinit): assertion failed: ((*user)->refcount== 1) lmtp(root): Info: msgid=<07e3a23b2aaea...@mx.2718282.net>: save failed to INBOX: generate_keypair(INBOX) failed: mail_crypt_require_encrypted_user_key set, cannot generate user keypair without password or key My config files: # 2.3.14 (cee3cbc0d): /etc/mail/imap.conf # OS: OpenBSD 6.9 amd64 auth_verbose = yes debug_log_path = /var/log/dovecot info_log_path = /var/log/dovecot mail_attribute_dict = file:%h/Maildir/dovecot-attributes mail_debug = yes namespace inbox { ... } passdb { args = /etc/mail/imap-sqlite.conf driver = sql } plugin { mail_crypt_curve = secp521r1 mail_crypt_require_encrypted_user_key = yes mail_crypt_save_version = 2 } protocols = imap lmtp service imap-login { ... } ssl = required ssl_cert = </etc/ssl/rsa.crt ssl_key = # hidden, use -P to show it ssl_min_protocol = TLSv1.2 ssl_prefer_server_ciphers = yes userdb { args = /etc/mail/imap-sqlite.conf driver = sql override_fields = uid=vmail gid=vmail } # file: /etc/mail/imap-sqlite.conf driver = sqlite connect = /etc/mail/sqlite.db default_pass_scheme = BLF-CRYPT user_query = SELECT '/home/vmail/'||destination AS home FROM virtuals WHERE email = '%u' password_query = SELECT email as user, password, '%w' AS \ userdb_mail_crypt_private_password FROM credentials WHERE email = '%u'
