Mail encryption with Dovecot (mail-crypt)

Mail crypt is a plugin which is developed by Dovecot team. It enables encryption for all the emails stored in server.

It has several modes to do encryption. Here I have explain a very basic level of it. It is very simple. What you need is to add below few lines to “dovecot.conf” file and its done.

mail_attribute_dict = file:%h/Maildir/dovecot-attributes

mail_plugins = $mail_plugins mail_crypt

plugin {
mail_crypt_curve = <curve>
mail_crypt_save_version = 2
}

In this mode, the user is generated a key pair, and each folder is generated a key pair, which is encrypted using the user’s key pair. You must use save version 2 and you must also specify mail_crypt_curve. Any valid curve supported by cryptographic library is supported. If you wish to have EC (elliptic curve) keys, you may find curves using below openssl command “openssl ecparam -list_curves”. mail_attribute_dict has to be set since it is used to store the keys.

Be sure not to overwrite “mail_crypt” plugin.

Its done :)