On 2022-11-23, Jeremy Harris via Exim-users <exim-users@exim.org> wrote:
> On 23/11/2022 00:16, Dengler, Gabriel via Exim-users wrote:
>> I want to store the incoming e-mails using the Maildir file format encrypted
>> by using some symmetric encryption using the user's password
>
> It seems like a generally valuable concept - but I'd think that asymmetric
> encryption of the data-at-rest is more appropriate than symmetric. The MDA
> (exim, here, receiving a message and delivering to file) should be able to
> encrypt for the destination user but NOT decrypt. So it should have access
> to a public key and not a private key for the destination mailbox - and
> this is entirely separate from notions of SMTP authentication.
>
> Where to implement it in the code? Probably pretty late in the appendfile
> transport; about where it's doing actual writes to the file fd - and using
> a public key supplied via a transport option (which the config pulls
> from a database lookup using the username, or localpart, or whatever)
> and perhaps another giving the cipher scheme.

Perhaps use some sort of GPG wrapper as a transport_filter, and do decryption
client-side?

--
Jasen.

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
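
A sketch of the GPG-wrapper idea from the reply above, added here as an example and not code from the thread or from Exim: a filter that reads the message on stdin and rewrites it as PGP/MIME (RFC 3156), so that only the routing headers stay readable in the Maildir file. It assumes the script is run through the transport's `transport_filter` option with the recipient address as its single argument, that the message arrives with LF line endings, and that the recipient's public key is already in the delivery user's GnuPG keyring; the function names are hypothetical.

```python
#!/usr/bin/env python3
# Added example: rewrite a message from stdin as PGP/MIME (RFC 3156) on stdout.
import subprocess
import sys
import uuid

def gpg_encrypt(data, recipient):
    # Encrypt-only: needs the recipient's public key in the local keyring
    # (assumption); no private key is ever available to the delivery side.
    # "--trust-model always" assumes the admin provisioned and vetted the keys.
    return subprocess.run(
        ["gpg", "--batch", "--no-tty", "--armor", "--trust-model", "always",
         "--encrypt", "--recipient", recipient],
        input=data, stdout=subprocess.PIPE, check=True).stdout

def split_headers(raw):
    # Returns (outer, content, body). Content-* headers describe the body, so
    # they travel inside the ciphertext; folded lines stay with their header.
    head, _, body = raw.partition(b"\n\n")
    outer, content, target = [], [], None
    for line in head.split(b"\n"):
        if target is None or line[:1] not in (b" ", b"\t"):
            target = content if line.lower().startswith(b"content-") else outer
        target.append(line)
    return outer, content, body

def wrap_pgp_mime(raw, recipient, encrypt=gpg_encrypt):
    outer, content, body = split_headers(raw)
    if any(b"multipart/encrypted" in l.lower() for l in content):
        return raw  # sender already encrypted it; do not double-wrap
    if not content:
        content = [b"Content-Type: text/plain; charset=us-ascii"]  # MIME default
    armored = encrypt(b"\n".join(content) + b"\n\n" + body, recipient)
    bnd = b"pgpmime-" + uuid.uuid4().hex.encode()
    if not any(l.lower().startswith(b"mime-version:") for l in outer):
        outer.append(b"MIME-Version: 1.0")
    outer += [b'Content-Type: multipart/encrypted;',
              b'\tprotocol="application/pgp-encrypted"; boundary="' + bnd + b'"']
    parts = [b"--" + bnd, b"Content-Type: application/pgp-encrypted", b"",
             b"Version: 1", b"",
             b"--" + bnd, b"Content-Type: application/octet-stream", b"",
             armored.rstrip(b"\n"),
             b"--" + bnd + b"--", b""]
    return b"\n".join(outer) + b"\n\n" + b"\n".join(parts)

if __name__ == "__main__":
    # Encrypt before writing: if gpg fails, exit non-zero with nothing emitted
    # rather than passing plaintext through.
    sys.stdout.buffer.write(wrap_pgp_mime(sys.stdin.buffer.read(), sys.argv[1]))
```

Headers such as Subject, From and Received remain in cleartext in this layout; only the body and its Content-* headers are protected.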