Hi Heiko, Hi Andrew,
thanks for your answers! At first, I wasn't aware that Exim has such
fancy concepts for on-the-fly modification of messages.
> Mybe I'm missing the point. The on-disk representation of the password
> is a hash. That can't be used for symmetric encryption/decryption.
>
> You want to "grab" the real password during user login, and save it
> somewhere for later use as encryption/decryption key?
yeah, that's my main idea. For clearness, a "normal" communication
profile would look like this:
* An external sender sends an e-mail to our local Exim Server.
* The Exim Server saves the message, e.g. via Maildir, encrypted with
the password of the receiver.
* When the receiver wants to access the message, e.g., via IMAP, he/she
encrypts the saved message again via its private password.
The goal is therefore that the messages are only encrypt-able when you
have access to the password of the receiver. And of course, a secure and
private password is necessary to prevent easy brute-force attacks.
> Which user: the sender or the recipient ?
Intentionally, I wanted to encrypt the file with the password of the
recipient, so that an IMAP server can again decrypt the message. But now
as you ask: I think this is not possible, as you can only "grab" the
password when the "receiver" sends a message him-/herself and needs to
expose the password.
I think I have to sleep about this concept one more night, but besides:
would the general setup be possible with transport_filter if the
passwords are not hashed (although this is obviously a security issue)?
Best regards,
Gabriel
Am 2022-11-23 23:22, schrieb Heiko Schlittermann via Exim-users:
> Hi Gabriel,
>
> Dengler, Gabriel via Exim-users <exim-users@???> (Mi 23 Nov 2022
> 01:16:19 CET):
>> I want to store the incoming e-mails using the Maildir file format
>> encrypted
>> by using some symmetric encryption using the user's password (e.g.,
>> AES). So
>> in the end, Exim should write the encrypted files directly on the
>> disk.
>> Furthermore, it would be convenient if the actual password is solely
>> persistent saved as a hash (for checking at authentication), the real
>> password - and therefore the en-/decryption key - is only temporarily
>> available during the login session.
>
> Mybe I'm missing the point. The on-disk representation of the password
> is a hash. That can't be used for symmetric encryption/decryption.
>
> You want to "grab" the real password during user login, and save it
> somewhere for later use as encryption/decryption key?
>
> IMHO no source modification is necessary, $auth2, $auth3 (depending on
> the AUTH scheme you use (needs to be PLAIN or LOGIN) contain the
> password. You're free to save it whereever you want (using SQL, using
> embedded Perl code, using any external command, using readsocket, …)
>
> The encryption I'd do with a "transport_filter", which basically is
> can be an "aes-pipe" or similiar.
>
>> Therefore, I wanted to modify the Exim source code directly but was
>> confronted with a large amount of code, e.g., the differentiation
>> between
>> the different transport types or the many cases considered in the
>> appendfile
>> protocol. So I have some questions, where you might help me in the
>> "big
>> picture":
>
> As stated, all transports can use a "transport_filter", which should be
> able to processing your message on-the-fly, while writing it to the
> mailbox file.
>
>> * How to enforce that a user has to authenticate him-/herself with a
>> password?
>
> Use ACL to check if the user is authenticated. You should find it in
> the
> example config. Watch out for "authenticated = *".
>
>> * Where is a good point of "grabbing out" the password from the user
>> and how
>> to "carry" it to the point where the encryption happens?
>
> The authenticators (authenticators section of the config) have the
> password, and the server_condition does string expansion, so you can do
> whatever you need there.
>
> # example, *unchecked*, just served from memory, likely to be
> # wrong
>
> begin authenticators
>
> plain:
> driver = plain
> server_advertise_condition = ${if def:tls_in_cipher}
> server_condition = use $auth2 (user name) and $auth3
> (password) in a creative way
>
> Best regards from Dresden/Germany
> Viele Grüße aus Dresden
> Heiko Schlittermann
> --
> SCHLITTERMANN.de ---------------------------- internet & unix support
> -
> Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3}
> -
> gnupg encrypted messages are welcome --------------- key ID: F69376CE
> -
