m...@ruggedinbox.com:
>
>
> Hi nice people, easy question for this nice Sunday :D
>
> Are you aware of any solution that would replicate (or even improve) the
> technology that was developed by lavabit to encrypt their users
> mailboxes ?
>
> There is an architecture description here:
> http://highscalability.com/blog/2013/8/13/in-memoriam-lavabit-architecture-creating-a-scalable-email-s.html
I speculate that they en/decrypt mail on the server, so that they
can work with third-party POP/IMAP clients (e.g. Outlook). I also
speculate that email is plaintext or SSL-encrypted on the Internet
in transmit over SMTP, plaintext on the server in transit to and
from the encrypted mailbox store, and SSL-encrypted on the Internet
in transit to the client. With one mailbox file per message, each
message can be en/decrypted individually.
Lavabit integrated the SMTP and POP/IMAP servers. Postfix does not.
Note that all the Lavabit stuff would have happened in the POP/IMAP
server, which is the part that Postfix does not implement.
Wietse
