Hi! You can do it pretty much the same way. Put the key into LDAP, and assign to correct mail crypt parameters userdb.
Aki > On 15/11/2022 09:47 EET Andre Rodier <an...@rodier.me> wrote: > > > Dear dovecot developers. > > When using mailcrypt plugin, how can store the encryption key in LDAP, > please ? > > There is an example with SQL in the doc, but no LDAP. > > Thanks, > André > > On Thu, 2022-11-10 at 19:39 +0000, Andre Rodier wrote: > > Hello, all. > > > > I read carefully the messages about mailcrypt on the mailing list, > > especially this response from Aki: > > > > > It's best suited for securing external storage such as NFS or > > > object storage. > > > There are possibilities to encrypt the key using user's password, > > > but this > > > takes careful planning. The keys can also come from userdb , e.g. > > > LDAP. > > > > I am able to extend the LDAP schema of my OpenLDAP server to store a > > key > > into LDAP attribute for each user. > > > > In this case, would it be enough for Dovecot to encrypt the messages > > when they arrive ? > > > > Maybe I misunderstand the documentation. Even when using user keys > > protected by a password, the Dovecot LMTP process should be able to > > encrypt the emails with user’s public key, without a password, no ? > > > > Ideally, I would like to store user's emails encrypted, so each users > > cannot access other user's emails. I don't need folder sharing. > > > > Thanks for your advice. > > > > Kind regards, > > André Rodier > >