Thanks for the reassurance and the other assistance you have provided!
Everything seems to work a treat.
--- Original Message ---
On Sunday, March 5th, 2023 at 18:00, Aki Tuomi wrote:
> Order does not matter much as long as you do it about same time. But
> otherwise, yes.
>
> Aki
Order does not matter much as long as you do it about same time. But otherwise, yes.
Aki
On 05/03/2023 18:43 EET Jeremy wrote:
Hi,
Thanks for the notice! But yes, I was aware of this. For future reference
though, would you mind telling me how I would go about doing this? I take it
I'd first have to re-encrypt the user keys, before changing the account
password. So before changing the password for a user in my PostgreSQ
Dovecot tries to hide passwords in logs so you're probably safe.
Remember that there is no automatic password change for mail crypt. If a user's password is changed, it will require a corresponding update for the user's master key.
Aki
Hi,
Yeah, I just realized myself that what I did there was probably not the
smartest thing to do, as I indeed figured dovecot would probably just use that
as a plain text string. ;-) I've now opted to do the following (I'm using
PostgreSQL BTW):
password_query = SELECT \
email as user, passwor
Hi,
just to mention this. If you use the stored password hash, it is equal to using a plain text string. Depending on your threat model, it might or might not be an issue that admins have access to the password used to encrypt mails.
Aki
Hi again,
I was able to solve both questions. I was overthinking things.
A solution to the first question about mail_attribute_dict was simply to use
other available variables to point to the virtual user's maildir paths. Like
so: /var/mail/%d/%u/dovecot-attributes
As for the second question:
Hi again,
I am using dovecot 2.3.16, along with postfix and a PostgreSQL database for
managing virtual accounts.
After an initial topic from me about encrypting already existent mail, I could
now use some pointers on how to set up the mail-crypt plugin for pure virtual
accounts (i.e. that have