Re: [exim] Storing messages in Maildir format with symmetric…

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Heiko Schlittermann
Date:  
À: exim-users
CC: Dengler, Gabriel
Sujet: Re: [exim] Storing messages in Maildir format with symmetric encryption
Dengler, Gabriel <gabriel.dengler@???> (Do 24 Nov 2022 00:19:42 CET):
> > somewhere for later use as encryption/decryption key?
> yeah, that's my main idea. For clearness, a "normal" communication profile
> would look like this:
> * An external sender sends an e-mail to our local Exim Server.
> * The Exim Server saves the message, e.g. via Maildir, encrypted with the
> password of the receiver.


Ok, but how does Exim know the password of the receiver? You've access
to the password hashes only, I suppose.

> * When the receiver wants to access the message, e.g., via IMAP, he/she
> encrypts the saved message again via its private password.


Wouldn't it be better to use asymmetric encryption, then Exim doesn't
need to know a shared secret, but only a public key. The mailbox user
then can decrypt the message using a private key.

Having a shared secret that's known to Exim (except during the
verification of a PLAIN or LOGIN auth), creates an unnecessary attack
surface.

> I think I have to sleep about this concept one more night, but besides:
> would the general setup be possible with transport_filter if the passwords
> are not hashed (although this is obviously a security issue)?


BTW, I *think* I read that Dovecot supports encrypted mailboxes. And in
the ideal world Exim doesn't know anything about how to store messages,
but simply passes the messages to a MDA (mail delivery agent), e.g.
directly via a local pipe (dovecot-deliver, cyrdeliver, …), or via a protocol like LMTP
(which is supported by Dovecot and Cyrus too).

    Best regards from Dresden/Germany
    Viele Grüße aus Dresden
    Heiko Schlittermann
--
 SCHLITTERMANN.de ---------------------------- internet & unix support -
 Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
 gnupg encrypted messages are welcome --------------- key ID: F69376CE -