[Dovecot] Disk Encryption

Jeroen Massar jeroen at massar.ch
Wed Mar 27 12:17:02 EET 2013


[..]
> Currently my mail store isn't encrypted and I would like to know if
> it is possible to do that, and if so, maybe get some pointers.

There are two main roads:

 - filesystem/disk based encryption
   * Fast and easy to set up though (e.g. LUKS on Linux)
   * does not protect against a running system being attacked, e.g.
     where they can run custom code at the same security level and
     thus can read the unencrypted content.

 - per-file encryption, eg with PGP/GnuPG
   * Likely more complex to set up / fail-prone
   * An attacker getting access can only encrypt more mail and/or
     of course subvert any new mail, but can't decrypt old mail.
   * There are a couple of tools which enable this; typically it is
     a procmail/pipe through gnupg.
   * Decryption of mails can be done with an "IMAP-proxy"-style tool
     or possibly better/easier by the mail client.
   * Check out:
     - https://github.com/isislovecruft/leap_mx
     - https://grepular.com/Automatically_Encrypting_all_Incoming_Email
     - https://perot.me/encrypt-specific-incoming-emails-using-dovecot-and-sieve

For both:
 * Store your decryption keys in a secure/offline place
   (cold-boot attacks)
 * "Rubber Hose Crypto": http://www.schlockmercenary.com/2006-03-29
 * "Lead Pipe Crypto":   http://www.schlockmercenary.com/2009-10-19

Of course it always depends on the attack vectors that you are
protecting against ;)

Greets,
 Jeroen
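As an added example of the per-file road described above (this is not code from the original post, from Dovecot, or from the linked tools), here is a delivery-time filter in Python 3 that uses only the standard library plus the gpg binary to turn an incoming message into a PGP/MIME (RFC 3156) envelope encrypted to the mailbox owner's public key. It assumes that key is already imported into the keyring of the user running delivery and is selected by the key id passed as the first argument; the key id `stub-key`, the stub encryptor and the sample message are constructed for the demo and are not real.

```python
"""Delivery-time filter: wrap an incoming message in a PGP/MIME envelope.

Added example, not code from the original post, Dovecot or the linked tools.
Assumes the mailbox owner's PUBLIC key is in the gpg keyring of the user
running delivery and is selected by the key id given as argv[1]; the private
key stays with the mail client, so mail already on disk cannot be decrypted
on the server.  Usage:  encrypt_incoming.py KEY_ID < message > encrypted
"""
import base64
import subprocess
import sys
from email import message_from_bytes
from email.message import Message

PGP_BEGIN = b"-----BEGIN PGP MESSAGE-----"
PGP_END = b"-----END PGP MESSAGE-----"


def gpg_encrypt(data: bytes, key_id: str) -> bytes:
    """ASCII-armored gpg encryption to key_id.  --batch/--yes stop gpg from
    prompting inside a pipeline; --trust-model always skips the web-of-trust
    check for a key the admin imported deliberately."""
    proc = subprocess.run(
        ["gpg", "--batch", "--yes", "--trust-model", "always",
         "--armor", "--encrypt", "--recipient", key_id],
        input=data, capture_output=True, check=True)
    return proc.stdout


def already_encrypted(msg: Message) -> bool:
    """True for PGP/MIME (RFC 3156) or inline-PGP mail: never encrypt twice."""
    if msg.get_content_type() == "multipart/encrypted":
        return msg.get_param("protocol") == "application/pgp-encrypted"
    if not msg.is_multipart() and msg.get_content_type() == "text/plain":
        return PGP_BEGIN in (msg.get_payload(decode=True) or b"")
    return False


def encrypt_message(raw: bytes, key_id: str, encryptor=gpg_encrypt) -> bytes:
    """Return raw re-wrapped as multipart/encrypted, or unchanged if already so."""
    msg = message_from_bytes(raw)
    if already_encrypted(msg):
        return raw

    # PGP/MIME protects the body only: From/To/Subject/Received etc. stay in
    # the clear on the envelope.  Everything except MIME framing is copied.
    envelope_headers = [(k, v) for k, v in msg.items()
                        if not k.lower().startswith("content-")
                        and k.lower() != "mime-version"]

    # The plaintext given to gpg is the original MIME entity (Content-*
    # headers plus body) so attachments and charsets survive decryption.
    inner = message_from_bytes(raw)
    for name in list(inner.keys()):
        if not name.lower().startswith("content-"):
            del inner[name]  # drops every instance of that header
    if "Content-Type" not in inner:
        inner["Content-Type"] = "text/plain; charset=us-ascii"
    ciphertext = encryptor(inner.as_bytes(), key_id)

    control = Message()  # RFC 3156 control part
    control["Content-Type"] = "application/pgp-encrypted"
    control.set_payload("Version: 1\n")

    body = Message()  # the armored ciphertext
    body["Content-Type"] = 'application/octet-stream; name="encrypted.asc"'
    body["Content-Disposition"] = 'inline; filename="encrypted.asc"'
    body.set_payload(ciphertext.decode("ascii"))

    outer = Message()
    for name, value in envelope_headers:
        outer[name] = value
    outer["MIME-Version"] = "1.0"
    outer["Content-Type"] = ('multipart/encrypted; '
                             'protocol="application/pgp-encrypted"')
    outer.attach(control)
    outer.attach(body)
    return outer.as_bytes()  # the generator adds the multipart boundary


def stub_encryptor(data: bytes, key_id: str) -> bytes:
    """Stand-in for gpg so demo() runs without a keyring: base64 between armor
    markers.  NOT encryption; it only shows the envelope shape."""
    return (PGP_BEGIN + b"\nComment: stub for " + key_id.encode() + b"\n\n"
            + base64.encodebytes(data) + PGP_END + b"\n")


def stub_decryptor(armored: bytes) -> bytes:
    """Inverse of stub_encryptor, for checking what went into the envelope."""
    _, _, rest = armored.partition(b"\n\n")
    return base64.decodebytes(rest.split(PGP_END)[0])


# Constructed sample message for the demo (not a real capture).
SAMPLE_MESSAGE = b"""\
From: alice@example.org
To: bob@example.org
Subject: quarterly numbers
Date: Wed, 27 Mar 2013 11:00:00 +0200
Message-ID: <sample-1@example.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit

The body is what the filter protects; the headers above stay readable.
"""


def demo() -> bytes:
    return encrypt_message(SAMPLE_MESSAGE, "stub-key", encryptor=stub_encryptor)


if __name__ == "__main__":
    if len(sys.argv) == 2 and sys.argv[1] == "--demo":
        sys.stdout.buffer.write(demo())
    elif len(sys.argv) == 2:
        sys.stdout.buffer.write(encrypt_message(sys.stdin.buffer.read(), sys.argv[1]))
    else:
        sys.exit("usage: encrypt_incoming.py KEY_ID < message  |  --demo")
```

Hook it in wherever the post's "procmail/pipe" sits, e.g. a procmail filter recipe (`:0 fw` followed by `| encrypt_incoming.py KEY_ID`) or a Pigeonhole Sieve `filter` action from the extprograms extension; `--demo` prints the envelope shape using the stub so the output can be inspected without a keyring. Two points a practitioner should keep in mind: the "can't decrypt old mail" property only holds if the private key never lives on the server (the client does the decryption), and PGP/MIME leaves Subject, sender, recipients and Received headers readable, so the mail store still leaks metadata. The already-encrypted check matters because a sender who already used PGP would otherwise get their mail wrapped twice.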


