-
Notifications
You must be signed in to change notification settings - Fork 16
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Feature Request: Mailbox encryption / Dovecot MailCrypt plugin #46
Comments
@besendorf |
It would be a huge privacy gain for Excision-Mail if it supported user mailbox encryption. Dovecot offers a plugin called MailCrypt which provides this functionality. It offers two modes. Global keys and folder keys.
Global keys encrypt all mail accounts with the same key, this is useful when you want to save the mailboxes on a different server or Storage provider (Amazon S3, etc.).
Folder keys uses a different key for each folder (user mailbox) derived from the users IMAP password. This means administrators are unable to read users mails, which is a huge privacy gain but this is also a security gain, as an attacker who gained access to the mailboxes also cant decrypt the emails(unless he controls the server long enough that he intercepts IMAP passwords).
There is also a paper explaining mailbox encryption in detail and analyses the implications for performance. Unfortunatly its in German:
https://gitlab.com/bifi/mailboxencryption_thesis/-/blob/master/thesis.pdf
The text was updated successfully, but these errors were encountered: