[Dovecot] Disk Encryption

Simon Brereton simon.buongiorno at gmail.com
Mon Mar 25 12:03:27 EET 2013


As I understand it, email headers need to be unencrypted (otherwise
DKIM doesn't work).  From the MUA to either Postfix or Dovecot, the
connection is (or can/should be) secured with TLS/SSL.

What I would like to know is if it is possible to encrypt the
mailstore?  Postfix is using Dovecot for delivery so it's only Dovecot
that would need to encrypt/decrypt the mailstore.

Is this possible?  Is there a terrible reason to do it even if it is possible?

I realise that from MTA to MTA there's no guarantee of encryption (and
in fact it's very unlikely unless keys have been exchanged), but my
primary goal is to supplement the physical security of the mail store of
mails we already have or have sent.

Mostly just idle curiosity as to what has been done, or what could be
done.  What is worth doing is a separate thread entirely.



