Lnxgeek.org Wiki - Freedom of choice, I choose Freedom

User Tools

Site Tools

You are here: start » howtos » mail_crypt_-_decrypt_encrypt_mails
howtos:mail_crypt_-_decrypt_encrypt_mails

This is an old revision of the document!

mailcow compress and encrypt mail stored inside the “mailcowdockerized_vmail-vol-1” docker volume.

The documentation has a description on how you decrypt or re-encrypt the mail files inside the volume.

This requires that you enter the dovecot container and paste the logic. That is rather cumbersome, so here is a bash script which you can run from anywhere which takes care of that.

It take two flags “-d” for decryption and “-e” for encryption, which needs to be supplied when you run it. 

#!/bin/bash

# Define the path inside the container
CONTAINER_PATH="/tmp/mail_crypt_tool.sh"
DOCKER_COMPOSE_FILE="/opt/mailcow-dockerized/docker-compose.yml"

# Function to decrypt files
decrypt_files() {
    find /var/vmail/ -type f -regextype egrep -regex '.*S=.*W=.*' | while read -r file; do
        if [[ $(head -c7 "$file") == "CRYPTED" ]]; then
            doveadm fs get compress lz4:1:crypt:private_key_path=/mail_crypt/ecprivkey.pem:public_key_path=/mail_crypt/ecpubkey.pem:posix:prefix=/ \
            "$file" > "/tmp/$(basename "$file")"
            if [[ -s "/tmp/$(basename "$file")" ]]; then
                chmod 600 "/tmp/$(basename "$file")"
                chown 5000:5000 "/tmp/$(basename "$file")"
                mv "/tmp/$(basename "$file")" "$file"
            else
                rm "/tmp/$(basename "$file")"
            fi
        fi
    done
}

# Function to encrypt files
encrypt_files() {
    find /var/vmail/ -type f -regextype egrep -regex '.*S=.*W=.*' | while read -r file; do
        if [[ $(head -c7 "$file") != "CRYPTED" ]]; then
            doveadm fs put crypt private_key_path=/mail_crypt/ecprivkey.pem:public_key_path=/mail_crypt/ecpubkey.pem:posix:prefix=/ \
            "$file" "$file"
            chmod 600 "$file"
            chown 5000:5000 "$file"
        fi
    done
}

# Function to print help
print_help() {
    echo "Usage: $0 [OPTIONS]"
    echo "Options:"
    echo "  -d          Decrypt files in /var/vmail"
    echo "  -e          Encrypt files in /var/vmail"
    echo "  -h          Display this help message"
}

# Check if we're inside a Docker container
if [ -f /.dockerenv ]; then
    # We are inside a container, proceed with the main logic
    main() {
        case "$1" in
            -d)
                decrypt_files
                ;;
            -e)
                encrypt_files
                ;;
            *)
                print_help
                ;;
        esac
    }
    main "$@"
else
    # We are outside a container, so let's copy and execute the script inside the container
    docker compose -f $DOCKER_COMPOSE_FILE cp $0 dovecot-mailcow:$CONTAINER_PATH
    docker compose -f $DOCKER_COMPOSE_FILE exec -T dovecot-mailcow chmod +x $CONTAINER_PATH
    docker compose -f $DOCKER_COMPOSE_FILE exec -T dovecot-mailcow $CONTAINER_PATH "$@"
fi
howtos/mail_crypt_-_decrypt_encrypt_mails.1691873438.txt.gz · Last modified: 12/08/2023 22:50 by domingo