howtos:mail_crypt_-_decrypt_encrypt_mails

Differences

This shows you the differences between two versions of the page.

howtos:mail_crypt_-_decrypt_encrypt_mails [12/08/2023 22:50] domingohowtos:mail_crypt_-_decrypt_encrypt_mails [13/08/2023 15:18] (current) domingo
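--- a/howtos/mail_crypt_-_decrypt_encrypt_mails.txt
+++ b/howtos/mail_crypt_-_decrypt_encrypt_mails.txt
@@ -1,2 +1,4 @@
+====== Intro ======
+
 mailcow compress and encrypt mail stored inside the "mailcowdockerized_vmail-vol-1" docker volume.
 
@@ -4,4 +6,6 @@
 
 This requires that you enter the dovecot container and paste the logic. That is rather cumbersome, so here is a bash script which you can run from anywhere which takes care of that.
+
+===== Script Which Takes It All =====
 
 It take two flags "-d" for decryption and "-e" for encryption, which needs to be supplied when you run it.
@@ -76,2 +80,109 @@
 fi
 </file>
+
+===== Script Which Takes One Mailbox At a Time =====
+
+<file>
+
+#!/bin/bash
+
+# Define the path inside the container
+CONTAINER_PATH="/tmp/mail_crypt_tool.sh"
+DOCKER_COMPOSE_FILE="/opt/mailcow-dockerized/docker-compose.yml"
+
+decrypt_files() {
+    local mailbox_path="$1"
+    find "$mailbox_path" -type f -regextype egrep -regex '.*S=.*W=.*' | while read -r file; do
+        if [[ $(head -c7 "$file") == "CRYPTED" ]]; then
+            doveadm fs get compress lz4:1:crypt:private_key_path=/mail_crypt/ecprivkey.pem:public_key_path=/mail_crypt/ecpubkey.pem:posix:prefix=/ \
+            "$file" > "/tmp/$(basename "$file")"
+            if [[ -s "/tmp/$(basename "$file")" ]]; then
+                chmod 600 "/tmp/$(basename "$file")"
+                chown 5000:5000 "/tmp/$(basename "$file")"
+                mv "/tmp/$(basename "$file")" "$file"
+            else
+                rm "/tmp/$(basename "$file")"
+            fi
+        fi
+    done
+}
+
+encrypt_files() {
+    local mailbox_path="$1"
+    find "$mailbox_path" -type f -regextype egrep -regex '.*S=.*W=.*' | while read -r file; do
+        if [[ $(head -c7 "$file") != "CRYPTED" ]]; then
+            doveadm fs put crypt private_key_path=/mail_crypt/ecprivkey.pem:public_key_path=/mail_crypt/ecpubkey.pem:posix:prefix=/ \
+            "$file" "$file"
+            chmod 600 "$file"
+            chown 5000:5000 "$file"
+        fi
+    done
+}
+
+print_help() {
+    echo "Usage: $0 [OPTIONS] [MAILBOX_PATH]"
+    echo "Options:"
+    echo "  -d          Decrypt specified mailbox or all mailboxes if no path is provided"
+    echo "  -e          Encrypt specified mailbox or all mailboxes if no path is provided"
+    echo "  -h          Display this help message"
+    echo "MAILBOX_PATH: Path to the mailbox, format: /var/vmail/domain/user"
+}
+
+# Function to list and select user mailboxes
+select_mailbox() {
+    local paths=($(find /var/vmail/ -mindepth 2 -maxdepth 2 -type d ! -name ".*"))
+    local mailboxes=()
+
+    # Convert paths to email format
+    for path in "${paths[@]}"; do
+        local user=$(basename "$path")
+        local domain=$(basename $(dirname "$path"))
+        mailboxes+=("$user@$domain")
+    done
+
+    select mailbox in "${mailboxes[@]}"; do
+        if [[ -n $mailbox ]]; then
+            # Convert back to path format and return
+            local user=$(echo "$mailbox" | cut -d'@' -f1)
+            local domain=$(echo "$mailbox" | cut -d'@' -f2)
+            echo "/var/vmail/$domain/$user"
+            return
+        else
+            echo "Invalid selection"
+        fi
+    done
+}
+
+# Check if we're inside a Docker container
+if [ -f /.dockerenv ]; then
+    # We are inside a container, proceed with the main logic
+    main() {
+        local mailbox_path=""
+        if [[ -z "$2" ]]; then
+            echo "Select a mailbox:"
+            mailbox_path=$(select_mailbox)
+        else
+            mailbox_path="$2"
+        fi
+
+        case "$1" in
+            -d)
+                decrypt_files "$mailbox_path"
+                ;;
+            -e)
+                encrypt_files "$mailbox_path"
+                ;;
+            *)
+                print_help
+                ;;
+        esac
+    }
+    main "$@"
+else
+    # We are outside a container, so let's copy and execute the script inside the container
+    docker compose -f $DOCKER_COMPOSE_FILE cp $0 dovecot-mailcow:$CONTAINER_PATH
+    docker compose -f $DOCKER_COMPOSE_FILE exec -T dovecot-mailcow chmod +x $CONTAINER_PATH
+    docker compose -f $DOCKER_COMPOSE_FILE exec -T dovecot-mailcow $CONTAINER_PATH "$@"
+fi
+</file>
+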
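Review bot: In `decrypt_files` (third hunk) the decrypted message is written to `/tmp/$(basename "$file")`, a predictable path that exists with the shell's default umask until the later `chmod 600`, so plaintext mail may briefly be readable by other users in the container, and two messages with the same basename in different folders would share one temp file. The result of `doveadm fs get` is judged only by the `-s` test, and `encrypt_files` overwrites `$file` in place without checking `doveadm fs put` at all, so a failed run may leave a damaged message behind. I would create the temp file with `mktemp` (mode 0600, unpredictable name), replace the original only when doveadm exits 0, and quote `"$0"` and `"$DOCKER_COMPOSE_FILE"` in the three `docker compose` lines. In `select_mailbox`, `echo "Invalid selection"` goes to stdout and is therefore captured into `mailbox_path` by the `$(select_mailbox)` call; it should be sent to stderr with `>&2`.

```shell
decrypt_files() {
    local mailbox_path="$1" tmp
    # … unchanged: find | while read -r file loop …
        if [[ $(head -c7 "$file") == "CRYPTED" ]]; then
            # mktemp creates the file 0600 with an unpredictable name,
            # so no separate chmod is needed before the plaintext lands in it
            tmp=$(mktemp) || continue
            if doveadm fs get compress lz4:1:crypt:private_key_path=/mail_crypt/ecprivkey.pem:public_key_path=/mail_crypt/ecpubkey.pem:posix:prefix=/ \
                "$file" > "$tmp" && [[ -s "$tmp" ]]; then
                chown 5000:5000 "$tmp"
                mv -- "$tmp" "$file"
            else
                rm -f -- "$tmp"
            fi
        fi
    # … unchanged: done and closing brace …
```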
howtos/mail_crypt_-_decrypt_encrypt_mails.txt · Last modified: 13/08/2023 15:18 by domingo