Dear Dovecot developers.

When using the mailcrypt plugin, how can I store the encryption key in LDAP, please?
There is an example with SQL in the doc, but no LDAP.

Thanks,
André

On Thu, 2022-11-10 at 19:39 +0000, Andre Rodier wrote:
> Hello, all.
>
> I read carefully the messages about mailcrypt on the mailing list,
> especially this response from Aki:
>
> > It's best suited for securing external storage such as NFS or
> > object storage.
> > There are possibilities to encrypt the key using user's password,
> > but this takes careful planning. The keys can also come from
> > userdb, e.g. LDAP.
>
> I am able to extend the LDAP schema of my OpenLDAP server to store a
> key in an LDAP attribute for each user.
>
> In this case, would it be enough for Dovecot to encrypt the messages
> when they arrive?
>
> Maybe I misunderstand the documentation. Even when using user keys
> protected by a password, the Dovecot LMTP process should be able to
> encrypt the emails with the user's public key, without a password, no?
>
> Ideally, I would like to store users' emails encrypted, so each user
> cannot access other users' emails. I don't need folder sharing.
>
> Thanks for your advice.
>
> Kind regards,
> André Rodier