mailcow-dockerized-docs/docs/u_e-dovecot-mail-crypt.md

Mails are stored compressed (lz4) and encrypted. The key pair can be found in crypt-vol-1.

If you want to decode/encode existing maildir files, you can use the following script at your own risk:

Enter Dovecot by running `docker-compose exec dovecot-mailcow /bin/bash` in the mailcow-dockerized location.

```
# Decrypt /var/vmail
find /var/vmail/ -type f -regextype egrep -regex '.*S=.*W=.*' | while read -r file; do
if [[ $(head -c7 "$file") == "CRYPTED" ]]; then
doveadm fs get compress lz4:0:crypt:private_key_path=/mail_crypt/ecprivkey.pem:public_key_path=/mail_crypt/ecpubkey.pem:posix:prefix=/ \
  "$file" > "/tmp/$(basename "$file")"
  if [[ -s "/tmp/$(basename "$file")" ]]; then
    chmod 600 "/tmp/$(basename "$file")"
    chown 5000:5000 "/tmp/$(basename "$file")"
    mv "/tmp/$(basename "$file")" "$file"
  else
    rm "/tmp/$(basename "$file")"
  fi
fi
done

# Encrypt /var/vmail
find /var/vmail/ -type f -regextype egrep -regex '.*S=.*W=.*' | while read -r file; do
if [[ $(head -c7 "$file") != "CRYPTED" ]]; then
doveadm fs put crypt private_key_path=/mail_crypt/ecprivkey.pem:public_key_path=/mail_crypt/ecpubkey.pem:posix:prefix=/ \
  "$file" "$file"
  chmod 600 "$file"
  chown 5000:5000 "$file"
fi
done
```
Mention lz4 compression in u_e-dovecot-mail-crypt.md #2754, #2337 2020-05-06 20:36:27 +02:00			`Mails are stored compressed (lz4) and encrypted. The key pair can be found in crypt-vol-1.`
Add first mail crypt info 2018-10-12 21:53:35 +02:00
			`If you want to decode/encode existing maildir files, you can use the following script at your own risk:`

Update u_e-dovecot-mail-crypt.md 2018-10-15 19:34:17 +02:00			Enter Dovecot by running `docker-compose exec dovecot-mailcow /bin/bash` in the mailcow-dockerized location.
Add first mail crypt info 2018-10-12 21:53:35 +02:00
			```
			`# Decrypt /var/vmail`
Update u_e-dovecot-mail-crypt.md 2019-01-27 20:13:43 +01:00			`find /var/vmail/ -type f -regextype egrep -regex '.S=.W=.*' \| while read -r file; do`
Add first mail crypt info 2018-10-12 21:53:35 +02:00			`if [[ $(head -c7 "$file") == "CRYPTED" ]]; then`
Mention lz4 compression in u_e-dovecot-mail-crypt.md #2754, #2337 2020-05-06 20:36:27 +02:00			`doveadm fs get compress lz4:0:crypt:private_key_path=/mail_crypt/ecprivkey.pem:public_key_path=/mail_crypt/ecpubkey.pem:posix:prefix=/ \`
Add first mail crypt info 2018-10-12 21:53:35 +02:00			`"$file" > "/tmp/$(basename "$file")"`
Update u_e-dovecot-mail-crypt.md 2019-12-22 16:52:45 +01:00			`if [[ -s "/tmp/$(basename "$file")" ]]; then`
			`chmod 600 "/tmp/$(basename "$file")"`
			`chown 5000:5000 "/tmp/$(basename "$file")"`
			`mv "/tmp/$(basename "$file")" "$file"`
			`else`
			`rm "/tmp/$(basename "$file")"`
			`fi`
Add first mail crypt info 2018-10-12 21:53:35 +02:00			`fi`
			`done`

			`# Encrypt /var/vmail`
Update u_e-dovecot-mail-crypt.md 2019-01-27 20:13:43 +01:00			`find /var/vmail/ -type f -regextype egrep -regex '.S=.W=.*' \| while read -r file; do`
Add first mail crypt info 2018-10-12 21:53:35 +02:00			`if [[ $(head -c7 "$file") != "CRYPTED" ]]; then`
			`doveadm fs put crypt private_key_path=/mail_crypt/ecprivkey.pem:public_key_path=/mail_crypt/ecpubkey.pem:posix:prefix=/ \`
			`"$file" "$file"`
			`chmod 600 "$file"`
			`chown 5000:5000 "$file"`
			`fi`
			`done`
			```