Re: [exim] Storing messages in Maildir format with symmetric…

Top Page
Delete this message
Reply to this message
Author: Andrew C Aitchison
Date:  
To: exim-users
Subject: Re: [exim] Storing messages in Maildir format with symmetric encryption
On Thu, 24 Nov 2022, Jasen Betts via Exim-users wrote:

> On 2022-11-23, Jeremy Harris via Exim-users <exim-users@???> wrote:
>> On 23/11/2022 00:16, Dengler, Gabriel via Exim-users wrote:
>>> I want to store the incoming e-mails using the Maildir file format encrypted by using some symmetric encryption using the user's password
>>
>> It seems like a generally valuable concept - but I'd think that assymetric encryption
>> of the data-at-rest is more appropriate than symmetric. The MDA (exim, here, receiving
>> a message and delivering to file) shou be able to encrypt for the destination user
>> but NOT decrypt. So it should have access to a public key and not a private key
>> for the destination mailbox - and this is entirely separate from notions of
>> SMTP authentication.
>>
>> Where to implement it in the code? Probably pretty late in the appendfile
>> transport; about where it's doing actual writes to the file fd - and using
>> a public key supplied via a transport option (which the config pulls
>> from a database lookup using the username, or localpart, or whatever)
>> and perhaps another giving the cipher scheme.
>
> Perhaps use some sort of GPG wrapper as a transport_filter,
> and do decryption client-side?


Ah.
If we use OpenPGP format then the recipient can use any
PGP-aware client to read the message.

-- 
Andrew C. Aitchison                      Kendal, UK
                    andrew@???