caesonia
Consider Zeyple (auto-GPG inbound mail traffic)
Project homepage: https://infertux.com/labs/zeyple/
GitHub: https://github.com/infertux/zeyple
Is this something that can be integrated with the current setup?
GPG encryption on the email server? I thought GPG encrypt/decrypt should be used end-to-end, no?
This is about GPG encrypting (unencrypted) inbound messages, before they touch the disk, to achieve privacy from the hosting provider and the postmaster. A very important feature, and perhaps the main reason for self-hosting email.
Inbound auto-GPG has been discussed, and the following was considered:
- Dovecot MailCrypt Plugin https://wiki2.dovecot.org/Plugins/MailCrypt
  [smtpd encrypted queue] → [dovecot crypt → rspamd → lda]
  The private key is kept on the server
- Dovecot Mail Filter Plugin https://wiki.dovecot.org/Plugins/MailFilter
  [smtpd encrypted queue] → [dovecot mail filter → rspamd → lda]
  The private key is kept on the server, but encrypted and protected with the IMAP password
- gpgit Dovecot Pigeonhole Sieve https://github.com/EtiennePerot/gpgit
  [smtpd encrypted queue] → [dovecot gpgit → rspamd → lda]
  Only the public key is kept on the server
I didn't know about Zeyple, thank you for suggesting it. Zeyple is in line with an ideal solution (using WKD): [smtpd encrypted queue → filter-gpg → filter-rspamd] → [dovecot lmtp]
OpenSMTPD filters are around the corner: https://poolp.org/posts/2018-11-03/opensmtpd-released-and-upcoming-filters-preview/
edit: Zeyple typo
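
The inbound auto-GPG step discussed in this thread, as an added example (not code from Zeyple, gpgit or caesonia): a message that is already PGP-encrypted passes through untouched, anything else is wrapped as PGP/MIME (RFC 3156) using only the recipient's public key. The function names, the sample message and the injectable `encrypt` parameter are assumptions made for illustration; the default encryptor assumes the recipient's public key is already in the local gpg keyring.

```python
import subprocess
from email import message_from_bytes
from email.encoders import encode_7or8bit
from email.mime.application import MIMEApplication
from email.mime.multipart import MIMEMultipart

# Constructed sample message, not taken from the thread.
SAMPLE = (b"From: bob@example.net\nTo: alice@example.org\nSubject: Invoice 42\n"
          b"Content-Type: text/plain; charset=utf-8\n\nThe account number is 1234.\n")

def gpg_encrypt(plaintext, recipient):
    """Encrypt with the gpg CLI; no private key is needed on the server."""
    cmd = ["gpg", "--batch", "--armor", "--trust-model", "always",
           "--encrypt", "--recipient", recipient]
    return subprocess.run(cmd, input=plaintext, stdout=subprocess.PIPE,
                          check=True).stdout

def is_body_header(name):
    """Headers that describe the body and therefore move inside the ciphertext."""
    return name.lower().startswith("content-") or name.lower() == "mime-version"

def is_encrypted(msg):
    """True for PGP/MIME (RFC 3156) or an inline ASCII-armored PGP message."""
    if msg.get_content_type() == "multipart/encrypted":
        return True
    if msg.is_multipart():
        return False
    return b"-----BEGIN PGP MESSAGE-----" in (msg.get_payload(decode=True) or b"")

def encrypt_inbound(raw, recipient, encrypt=gpg_encrypt):
    """Return raw unchanged if already encrypted, else a PGP/MIME-wrapped copy."""
    msg = message_from_bytes(raw)
    if is_encrypted(msg):
        return raw  # encrypted end-to-end by the sender: pass through
    # The entity to encrypt is the original body plus its Content-* headers.
    inner = message_from_bytes(raw)
    for name in inner.keys():
        if not is_body_header(name):
            del inner[name]
    outer = MIMEMultipart("encrypted", protocol="application/pgp-encrypted")
    # Transport headers (From, To, Subject, Received) remain in cleartext.
    for name, value in msg.items():
        if not is_body_header(name):
            outer[name] = value
    outer.attach(MIMEApplication(b"Version: 1\n", "pgp-encrypted", encode_7or8bit))
    outer.attach(MIMEApplication(encrypt(inner.as_bytes(), recipient),
                                 "octet-stream", encode_7or8bit))
    return outer.as_bytes()
```

Passing a stand-in for `encrypt` lets the wrapping logic be exercised on a machine without gpg or keys.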