
martindale avatar martindale commented on May 3, 2024 3

Then close the issue as "out of scope", and be clear about that to your community so they can find solutions that meet their needs. "no one will get around to this" is a poor explanation that you do not view this as an important feature and are removing it from the list of things other contributors can do for you.

As for the context of the issue itself, deploying a mail server without end-to-end encryption is irresponsible in the post-Snowden era. You would be doing a serious disservice to your users by even allowing unencrypted configurations, let alone explicitly removing them from your product backlog.

from mailinabox.

 avatar commented on May 3, 2024 3

@martindale are you sure you're not mixing up TLS and PGP? No other mailserver supports PGP in a "stable" way. Lavabit did, and some scripts exist that may work. PGP End-to-End is encryption at rest and in transit, but the other user needs to have a PGP key (few people do, mostly developers on the higher end of that spectrum).

TLS on the other hand is server-to-server encryption that is widely deployed and already supported by MiaB.

from mailinabox.

JoshData avatar JoshData commented on May 3, 2024 2

> as it remains a requirement for the project

I don't know what that even means. If it's a requirement you have for a mail server, then this project won't meet your needs.

from mailinabox.

 avatar commented on May 3, 2024 1

To necrobump this issue, I think detecting PGP and encrypting incoming mail with PGP/MIME should be a thing so all your mail is encrypted at rest. Unfortunately I'm no mailserver wizard.

from mailinabox.

JoshData avatar JoshData commented on May 3, 2024 1

Closing because it was a fun idea but it seems like no one will get around to this any time soon.

from mailinabox.

JoshData avatar JoshData commented on May 3, 2024 1

You think I should shut this project down?

from mailinabox.

louwers avatar louwers commented on May 3, 2024 1

@JoshData Can this be re-opened?

Roundcube 1.2.0 has server-side PGP support, so it shouldn't take too much work to support now! https://roundcube.net/news/2016/05/22/roundcube-webmail-1.2.0-released

Edit: merely updating Roundcube will support client-side PGP through Mailvelope. Maybe that's enough for now. 😉

from mailinabox.

louwers avatar louwers commented on May 3, 2024 1

@JoshData Thanks! 👍

Just found out Roundcube is already up-to-date so that the client-side browser plugin works. 😄

from mailinabox.

jamestomasino avatar jamestomasino commented on May 3, 2024

What is the normal toolkit you'd use to do something like this manually? Is there a set of programs that you stitch together with some shell scripting?

from mailinabox.

JoshData avatar JoshData commented on May 3, 2024

Dunno!

from mailinabox.

armuk avatar armuk commented on May 3, 2024

I know this was done with Exim, maybe the script for that could be modified for MIAB.

https://github.com/mikecardwell/gpgit

from mailinabox.

JoshData avatar JoshData commented on May 3, 2024

Neat. Thanks for posting the link.

from mailinabox.

JoshData avatar JoshData commented on May 3, 2024

I started hacking on an encryption mail filter on a branch:

910b473

This creates a new SMTP server listening on port 10587 that PGP-encrypts mail to recipients and refuses to accept mail if it cannot encrypt it. This makes it hard to accidentally send something in the clear.

Recipients' PGP keys are looked up from Keybase.io by inserting their Keybase username into their email address. E.g. If my email address were [email protected], you would address the email to me using [email protected].

I probably won't have time to finish this (or start a decryption side) any time soon. Maybe someone else can continue the work.

from mailinabox.
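A sketch of the fail-closed policy described in the comment above, as an added example that is not code from the linked branch or from Mail-in-a-Box. The function names, reply texts and the `encrypt` callable (a stand-in for a real OpenPGP call) are assumptions, and the Keybase lookup is replaced by a constructed in-memory keyring.

```python
import base64
from typing import Callable, Dict, List, NamedTuple

ARMOR = "-----BEGIN PGP MESSAGE-----"

class Reply(NamedTuple):
    code: int         # SMTP reply code returned to the submitting client
    text: str
    relay_body: str   # what is relayed onward; always empty on rejection

def filter_message(rcpts: List[str], body: str, keyring: Dict[str, str],
                   encrypt: Callable[[str, List[str]], str]) -> Reply:
    """Encrypt to every recipient or refuse the whole message (fail closed)."""
    if not rcpts:
        return Reply(554, "no recipients", "")
    # One recipient without a key would need a cleartext copy: reject for all.
    missing = sorted(r for r in rcpts if r.lower() not in keyring)
    if missing:
        return Reply(550, "no PGP key for " + ", ".join(missing), "")
    try:
        out = encrypt(body, [keyring[r.lower()] for r in rcpts])
    except Exception as exc:
        # An encryption error is a failure, never a fallback to plaintext.
        return Reply(451, f"encryption failed: {exc}", "")
    # Check the result before relaying; a false positive only causes a reject.
    if not out.startswith(ARMOR) or (body and body in out):
        return Reply(554, "encryptor returned non-encrypted output", "")
    return Reply(250, f"accepted, encrypted to {len(rcpts)} key(s)", out)

# Constructed sample data: addresses, key ids and encryptors are made up.
KEYRING = {"alice@example.org": "FPR-ALICE", "bob@example.org": "FPR-BOB"}

def fake_encrypt(body: str, fprs: List[str]) -> str:
    # Stand-in for a real OpenPGP call; NOT encryption, only shaped like it.
    blob = base64.b64encode(body.encode()[::-1]).decode()
    return f"{ARMOR}\n\n{blob}\n-----END PGP MESSAGE-----\n"

def broken_encrypt(body: str, fprs: List[str]) -> str:
    return body  # simulates a misconfigured step that passes mail through

def failing_encrypt(body: str, fprs: List[str]) -> str:
    raise RuntimeError("key expired")

if __name__ == "__main__":
    for enc in (fake_encrypt, broken_encrypt, failing_encrypt):
        print(filter_message(["alice@example.org"], "meet at noon", KEYRING, enc)[:2])
```
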

martindale avatar martindale commented on May 3, 2024

+1 on this, this would be fantastic.

from mailinabox.

benschumacher avatar benschumacher commented on May 3, 2024

I like the idea of this, but it does make me a little nervous to have keying material stored on the server. I suppose you could store the private keys in an encrypted format and use a key derived from the user's login password.

I haven't dug into the details in dovecot -- would it make this accessible? Or did you have some other idea for protecting these data?

from mailinabox.

JoshData avatar JoshData commented on May 3, 2024

The idea is that since you control the box, you might as well put a private key on it, rather than a copy of your private key on your laptop, on your phone(s), needing some awkward integration with webmail, etc. I'm not actively working on this now, though.

from mailinabox.

benschumacher avatar benschumacher commented on May 3, 2024

I understand that, in theory, but what if I'm sharing my box with others? For example, I host my own email on one of these, but I decide to offer the same to friends and family... At that point, I think it gets a little more sketchy. Honestly I think the automatic encrypting / signing is a pretty clever solution, in general, for outgoing.

On the incoming side, however, I'd like to figure out a way to accomplish this without potentially exposing my private key. I suppose one mechanism would be to fall back to using Thunderbird+Enigmail for reading, and not worry about those messages that can't be read on mobile. Hrm.

Thanks for the comments. Cheers.

from mailinabox.

martindale avatar martindale commented on May 3, 2024

Please re-open this issue, as it remains a requirement for the project. Move it to another milestone if you must (propose: "Backlog"), but definitely do not close it just because someone isn't getting to it soon.

from mailinabox.

JoshData avatar JoshData commented on May 3, 2024

@louwers See #892.

from mailinabox.

viogq avatar viogq commented on May 3, 2024

Yes, mailvelope.com works conveniently in MiaB, even in conjunction with Enigma.

from mailinabox.
