1

To avoid casual mailbox snooping for an IMAP server I am thinking of a "transparent encryption" setup that would:

  1. Public key encrypt incoming messages at local delivery time
  2. Private key decrypt said messages at read time. (Here, the private key password would be one and the same as the mail account password)

(see the rationale at bottom).

Point (1) should be easy enough given procmail and some filtering script. I am unable to find prior art for (2) which involves tampering with the IMAP server (dovecot, in my case: that probably means a special purpose plugin).

Ideas, anybody?

Rationale:

With this setup, messages would sit encrypted on the server but the users would not have to install unwieldy (for the un-initiated) GnuPG plugins on their MUAs. And a cracker that got all the public/private key pairs and the mailbox would still have to crack the password before she can access the content.

Alien Life Form
    As of 2019, Dovecot distributes a mostly production-ready [mail-crypt plugin](https://doc.dovecot.org/configuration_manual/mail_crypt_plugin/#mail-crypt-plugin). – anx Jan 11 '20 at 15:43
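The plugin linked in the comment above is the built-in way to get what the question asks for: a key pair per user, with the private key encrypted under a password that Dovecot takes from the login. The fragment below is an added example, not configuration from the question, the comment or the Dovecot documentation verbatim; the setting names are the mail-crypt plugin's as I know them, but check them and the `override_fields` forwarding against the linked documentation for your Dovecot version before relying on it. The passwd-file path is assumed.

```conf
mail_plugins = $mail_plugins mail_crypt

plugin {
  # Per-user ("folder") keys, generated on first use; no global key pair.
  mail_crypt_curve = secp521r1
  mail_crypt_save_version = 2
  # Refuse to store a user private key that is not itself encrypted.
  mail_crypt_require_encrypted_user_key = yes
}

passdb {
  driver = passwd-file
  args = scheme=CRYPT username_format=%u /etc/dovecot/users
  # %w (the plaintext password of the current login) is only available in
  # the passdb phase, so it is forwarded as a userdb field that the plugin
  # reads as mail_crypt_private_password. Assumed field name; verify against
  # the mail-crypt documentation.
  override_fields = userdb_mail_crypt_private_password=%w
}
```

With this in place the mailbox password is both the IMAP credential and the key-decryption secret, which is exactly the property the question wants, and the same caveat applies as to the scripted version: anyone who can read the Dovecot process memory during a login sees the plaintext password.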

2 Answers

1

By default the %w variable isn't available, but you can add it.

I've slightly extended the example given in the Dovecot wiki to show one way you could handle the key management. This passes some low intensity tests (I can deliver, read, move mail around).

```bash
#!/bin/bash

# Keys generated using (GnuPG 2.1+ needs --pinentry-mode loopback for
# --passphrase-fd to be honoured in batch mode; without it gpg-agent
# tries to prompt and the call fails):
#
# fingerprint=$(echo -n "${imap_password}" | gpg2 --batch --pinentry-mode loopback --passphrase-fd 0 --quick-gen-key "Mail encryption key <${imap_user}>" ed25519 2>&1 | fgrep 'revocation certificate stored as' | sed -e 's/.*\///' -e 's/\..*//')
# echo -n "${imap_password}" | gpg2 --batch --pinentry-mode loopback --passphrase-fd 0 --quick-add-key "${fingerprint}" cv25519
#
# Call this from dovecot with:
#
# plugin {
#   mail_filter = mail-filter read %u %{userdb:pass}
#   mail_filter_out = mail-filter-out write %u
# }
#
# And configure dovecot to pass the un-encrypted mail password through:
#
# passdb {
#   driver = passwd-file
#   args = scheme=CRYPT username_format=%u /etc/dovecot/users
#   override_fields = userdb_pass=%w
# }
#
# Note: the password arrives as an argv element ($3 below), so it is visible
# in `ps` on this host for the lifetime of the filter process.

export GNUPGHOME="/srv/mail/.gnupg"
imap_user="$2"

# Dovecot streams the message on stdin; spool it so gpg can read it from a file.
tempfile=$(mktemp)
cat > "${tempfile}"

if [ "$1" == "write" ]; then
    # Delivery side: public-key encrypt for the mailbox owner, output on stdout.
    gpg2 --armor --batch --encrypt -r "${imap_user}" < "${tempfile}"
elif [ "$1" == "read" ]; then
    # Read side: the IMAP login password doubles as the private-key passphrase.
    imap_password="$3"
    echo -n "${imap_password}" | gpg2 --quiet --batch --pinentry-mode loopback --passphrase-fd 0 --decrypt "${tempfile}"
fi

rm -f "${tempfile}"
```

There's obviously plenty of room to improve on this - adding error checking, not buffering the message on disk in plaintext, invoking GPG properly with colon-delimited output, detecting non-encrypted mail on disk and so on.

Michael
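Two of the improvements the answer lists, worked through as an added example that is not code from the answer, from Dovecot or from GnuPG: finding a user's encryption subkey from `gpg2 --with-colons --list-keys` output instead of scraping the revocation-certificate path, and recognising whether a message on disk is actually OpenPGP-encrypted before handing it to `gpg2 --decrypt` (mail delivered before the filter was enabled would otherwise make the read branch fail). The key listing, key ids, fingerprints and message bodies below are constructed for the example.

```python
"""Helpers for the read/write side of a GnuPG-based Dovecot mail filter."""
from typing import Optional

# Constructed `gpg2 --batch --with-colons --list-keys` output for two users.
# Colon-record fields (1-based): 1 type, 2 validity, 3 bits, 4 algorithm,
# 5 key id, 6 created, 7 expires, 10 user id or fingerprint, 12 capabilities.
SAMPLE_LISTING = """\
tru::1:1578700000:0:3:1:5
pub:u:255:22:1A2B3C4D5E6F7081:1578700000:::u:::scESC:::::ed25519:::0:
fpr:::::::::0F1E2D3C4B5A69788796A5B4C3D2E1F01A2B3C4D:
uid:u::::1578700000::0123456789ABCDEF0123456789ABCDEF01234567::Mail encryption key <alice@example.org>::::::::::0:
sub:u:255:18:9988776655443322:1578700000::::::e:::::cv25519::
fpr:::::::::AABBCCDDEEFF00112233445566778899AABBCCDD:
pub:u:255:22:F0E1D2C3B4A59687:1578700100:::u:::scESC:::::ed25519:::0:
fpr:::::::::11223344556677889900AABBCCDDEEFF00112233:
uid:u::::1578700100::FEDCBA9876543210FEDCBA9876543210FEDCBA98::Mail encryption key <bob@example.org>::::::::::0:
sub:u:255:18:1122334455667788:1578700100::::::e:::::cv25519::
fpr:::::::::99887766554433221100FFEEDDCCBBAA99887766:
"""


def encryption_fingerprint(listing: str, address: str) -> Optional[str]:
    """Return the fingerprint of the encryption-capable subkey belonging to the
    key whose user id carries <address>, or None if there is none.

    Matching the bracketed address keeps "alice@example.org" from also
    matching "malice@example.org"; the fingerprint is what `-r` should get,
    not a user-id string that several keys could share.
    """
    wanted = "<%s>" % address
    in_matching_key = False
    next_fpr_is_encryption_subkey = False
    for line in listing.splitlines():
        fields = line.split(":")
        rtype = fields[0]
        if rtype == "pub":                      # a new primary key starts a block
            in_matching_key = False
            next_fpr_is_encryption_subkey = False
        elif rtype == "uid" and len(fields) > 9 and wanted in fields[9]:
            in_matching_key = True
        elif rtype == "sub" and in_matching_key:
            caps = fields[11] if len(fields) > 11 else ""
            next_fpr_is_encryption_subkey = "e" in caps
        elif rtype == "fpr" and next_fpr_is_encryption_subkey:
            return fields[9]
    return None


ARMOR_HEADER = b"-----BEGIN PGP MESSAGE-----"
PKESK, SKESK = 1, 3   # packet tags that open an encrypted message (RFC 4880 5.1, 5.3)


def first_packet_tag(data: bytes) -> Optional[int]:
    """Decode the tag of the first OpenPGP packet header, or None when the first
    byte is not a packet header at all (bit 7 must be set, RFC 4880 4.2)."""
    if not data or (data[0] & 0x80) == 0:
        return None
    first = data[0]
    if first & 0x40:                 # new-format header: tag in the low 6 bits
        return first & 0x3F
    return (first >> 2) & 0x0F       # old-format header: tag in bits 2..5


def is_encrypted(data: bytes) -> bool:
    """True if the stored message is an OpenPGP encrypted message, either
    ASCII-armored or binary starting with a PKESK or SKESK packet. Anything
    else (legacy RFC 822 text, a detached signature) must be passed through."""
    if data.lstrip().startswith(ARMOR_HEADER):
        return True
    return first_packet_tag(data) in (PKESK, SKESK)


# Constructed message bodies as they might sit in the Maildir.
ARMORED_MAIL = b"-----BEGIN PGP MESSAGE-----\n\nhQEMA5mId2ZVRDMiAQf9\n-----END PGP MESSAGE-----\n"
# Old-format PKESK header (tag 1, 2-byte length), version 3, key id, algo 18 (ECDH).
BINARY_MAIL = bytes([0x85, 0x01, 0x0C, 0x03]) + bytes.fromhex("9988776655443322") + b"\x12" + b"\x00" * 8
LEGACY_MAIL = b"Return-Path: <bob@example.org>\r\nFrom: Bob <bob@example.org>\r\n\r\nhi\r\n"

if __name__ == "__main__":
    print(encryption_fingerprint(SAMPLE_LISTING, "alice@example.org"))
    for body in (ARMORED_MAIL, BINARY_MAIL, LEGACY_MAIL):
        print(is_encrypted(body), body[:16])
```

In the filter, the `write` branch would call `gpg2 --encrypt -r <fingerprint>` with the subkey fingerprint from the live listing, and the `read` branch would `cat` the stored message unchanged whenever `is_encrypted` is false, so a mailbox with a mix of pre- and post-rollout mail keeps working.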
0

So it appears that this dovecot plugin fits the bill:

https://wiki.dovecot.org/Plugins/MailFilter

Except it is unclear if it will have access to the %W macro (plain text password - probably not, as it is reserved to the auth phase).

Alien Life Form