On 30/10/2019 15:29, Fourhundred Thecat via dovecot wrote:
Hello,
I have asked on the postfix mailing list for a solution, how to encrypt
incoming emails with public gpg key
My original idea was to use a smtpd-milter, which would encrypt all
incoming plaintext messages of given user, using the users public gpg
key. This way, it would look as if the original sender has sent the
message encrypted.
Somebody suggested this might be better done in Dovecot, as it is
Dovecot who stores the emails in Maildir.
Does anybody have any suggestions how to implement this scheme in Dovecot ?
Something like this?
https://perot.me/encrypt-specific-incoming-emails-using-dovecot-and-sieve
Regards,
Stephan.
I am including the original email below:
when new email arrives, and it is not already encrypted, I would like to
run it through a filter, which would encrypt the message with my public
gpg key, as if the original sender has sent the email encrypted.
Why do I want to do this ? Why not ask the sender to send encrypted
messages to start with ?
Lets say my bank sends me emails. I cannot force my bank to use gpg
encryption. I am happy they use email at all, instead of paper mail.
My email server is untrusted. It can be hacked into and emails stolen.
Full disk encryption will not help, because the disk must be decrypted
during runtime.
With my scheme, all emails would be stored encrypted on my server, and
decryption key does not exist on the server (emails are decrypted on my
local client)
What would be the best way to implement this ?
Can such filter work, without ever storing plaintext email on disk ?
thanks,
