starred/EndtoEndEncryptedMailServer
1
0
Fork 0
mirror of https://github.com/d3cod3/EndtoEndEncryptedMailServer.git synced 2026-04-26 09:25:52 +03:00
Code Issues Projects Releases Packages Wiki Activity

[GH-ISSUE #1] Where Are the emails stored #1

New issue
Closed
opened 2026-02-25 21:32:58 +03:00 by kerem · 3 comments
kerem commented 2026-02-25 21:32:58 +03:00
Owner
Copy link

Originally created by @dagogodboss on GitHub (Aug 19, 2020).
Original GitHub issue: https://github.com/d3cod3/EndtoEndEncryptedMailServer/issues/1

very Class, thanks a Lot
Where is the email store for each user because I created a new user and I can't find the user folder on the machine using the SQL method

Originally created by @dagogodboss on GitHub (Aug 19, 2020). Original GitHub issue: https://github.com/d3cod3/EndtoEndEncryptedMailServer/issues/1 very Class, thanks a Lot Where is the email store for each user because I created a new user and I can't find the user folder on the machine using the SQL method
kerem closed this issue 2026-02-25 21:32:58 +03:00
kerem commented 2026-02-25 21:32:58 +03:00
Author
Owner
Copy link

@d3cod3 commented on GitHub (Aug 23, 2020):

Hi, if you check dovecot conf at /etc/dovecot/dovecot-sql.conf you'll find the mailstore root:

user_query = SELECT email as user, 'maildir:/your_mailstore_path/plain/maildir/'||maildir as mail, '/your_mailstore_path/plain/home/'||maildir as home, 500 as uid, 500 as gid FROM users WHERE email = '%u'

where /your_mailstore_path is your mailstore folder encrypted with gocrypt ( the first step after the DNS records )

So, the mailstore root is the one you configured from the beginning.

<!-- gh-comment-id:678779696 --> @d3cod3 commented on GitHub (Aug 23, 2020): Hi, if you check dovecot conf at ```/etc/dovecot/dovecot-sql.conf``` you'll find the mailstore root: ```bash user_query = SELECT email as user, 'maildir:/your_mailstore_path/plain/maildir/'||maildir as mail, '/your_mailstore_path/plain/home/'||maildir as home, 500 as uid, 500 as gid FROM users WHERE email = '%u' ``` where ```/your_mailstore_path``` is your mailstore folder encrypted with gocrypt ( the first step after the DNS records ) So, the mailstore root is the one you configured from the beginning.
kerem commented 2026-02-25 21:32:58 +03:00
Author
Owner
Copy link

@dagogodboss commented on GitHub (Aug 23, 2020):

yes yes I saw it later But creating a new Account from a PHP code seems to be conflicting cause the PHP code has to be using the root user which I don't think is secure anymore. Do you have a snippet to create and retrieve email accounts and folder with PHP?

And Finally, this part does work

# Import the mail users public keys (we import this one, but this must be repeated for each newly registered user)
sudo -u gpgit /usr/bin/gpg --homedir=/var/opt/gpgit/.gnupg --import dagogodboss@mail.bitmail.pro.gpg

Folder Not or file Not found when I change user it say permission error

<!-- gh-comment-id:678798721 --> @dagogodboss commented on GitHub (Aug 23, 2020): yes yes I saw it later But creating a new Account from a PHP code seems to be conflicting cause the PHP code has to be using the root user which I don't think is secure anymore. Do you have a snippet to create and retrieve email accounts and folder with PHP? And Finally, this part does work ```` # Import the mail users public keys (we import this one, but this must be repeated for each newly registered user) sudo -u gpgit /usr/bin/gpg --homedir=/var/opt/gpgit/.gnupg --import dagogodboss@mail.bitmail.pro.gpg ```` Folder Not or file Not found when I change user it say permission error
kerem commented 2026-02-25 21:32:58 +03:00
Author
Owner
Copy link

@d3cod3 commented on GitHub (Aug 26, 2020):

About the PHP issue, yes, if you're working on some kind of web interface to interact with the mail server, it's delicate and you'll need to thread lightly, everything can became a security issue, especially for this kind of infrastructure where security is at the core of the idea.

So, a snippet with root privileges is to be completely avoided here, you'll have to think more of some kind of protocol, isolating the different parts of new user creation process, or user mail listing process.

You have this scenario:

  • on one side you'll need the typical registration form, users will need to enter the email alias, a password, and their public key ( you'll have to choose here the strategy for gpg keypair creation, leaving the job to the user or think about some automatism, but that will be tricky too ). Then you'll add this data to the PostgreSQL database, no problem here.

  • on the other side, we have all the automatic encryption stuff, and that works with an unprivileged user named gpgit, and here we have a problem, because gpgit is the only user with access to encryption, but you'll need to call the commands from sudo for security, so those commands can't be called from a PHP script without root privileges. Changing this to a less restricted configuration will lead to a possible vulnerability, accessing the public keys could lead to service disruption, if public keys disappears, messages will be unreadable or not encrypted anymore, or if public keys are mixed, no user will be able to read their messages, at least momentarily.

So, to solve this you'll need to be creative, i'm thinking at crontab, running a script every minute for example, let me explain:

imagine that the registration form add the new user to the database and add the entry in some text file ( .ini, .xml, .json, you choose ), some kind of waiting list file with chmod 600, then you can have a script on the server, that run from crontab every minute with root permission ( isolated from the web ), that access the waiting list text file, and if some user are there, it launch all the encryption commands with gpgit for every new user, and then clear the waiting list file.

Basically, you just separate the vulnerable part of the process from the standard registration process. The only downside of this scheme is that the user registration will let them wait a max amount time of 1 minute ( you can add some loader bar indicating the percentage to visually satisfy the user ).

About the line that you're telling me is not working, check the previous commands and the folder permissions:

sudo mkdir /var/opt/gpgit/.gnupg
sudo chown gpgit:gpgit /var/opt/gpgit/.gnupg
sudo chmod 700 /var/opt/gpgit/.gnupg
# Import the mail users public keys (we import this one, but this must be repeated for each new registered user)
sudo -u gpgit /usr/bin/gpg --homedir=/var/opt/gpgit/.gnupg --import astronaut57@supersecure.mydomain.net.gpg

If you did it right it should work.

<!-- gh-comment-id:680740076 --> @d3cod3 commented on GitHub (Aug 26, 2020): About the PHP issue, yes, if you're working on some kind of web interface to interact with the mail server, it's delicate and you'll need to thread lightly, everything can became a security issue, especially for this kind of infrastructure where security is at the core of the idea. So, a snippet with root privileges is to be completely avoided here, you'll have to think more of some kind of protocol, isolating the different parts of new user creation process, or user mail listing process. You have this scenario: - on one side you'll need the typical registration form, users will need to enter the email alias, a password, and their public key ( you'll have to choose here the strategy for gpg keypair creation, leaving the job to the user or think about some automatism, but that will be tricky too ). Then you'll add this data to the PostgreSQL database, no problem here. - on the other side, we have all the automatic encryption stuff, and that works with an unprivileged user named **gpgit**, and here we have a problem, because gpgit is the only user with access to encryption, but you'll need to call the commands from sudo for security, so those commands can't be called from a PHP script without root privileges. Changing this to a less restricted configuration will lead to a possible vulnerability, accessing the public keys could lead to service disruption, if public keys disappears, messages will be unreadable or not encrypted anymore, or if public keys are mixed, no user will be able to read their messages, at least momentarily. So, to solve this you'll need to be creative, i'm thinking at crontab, running a script every minute for example, let me explain: imagine that the registration form add the new user to the database and add the entry in some text file ( .ini, .xml, .json, you choose ), some kind of waiting list file with chmod 600, then you can have a script on the server, that run from crontab every minute with root permission ( isolated from the web ), that access the waiting list text file, and if some user are there, it launch all the encryption commands with gpgit for every new user, and then clear the waiting list file. Basically, you just separate the vulnerable part of the process from the standard registration process. The only downside of this scheme is that the user registration will let them wait a max amount time of 1 minute ( you can add some loader bar indicating the percentage to visually satisfy the user ). About the line that you're telling me is not working, check the previous commands and the folder permissions: ```bash sudo mkdir /var/opt/gpgit/.gnupg sudo chown gpgit:gpgit /var/opt/gpgit/.gnupg sudo chmod 700 /var/opt/gpgit/.gnupg # Import the mail users public keys (we import this one, but this must be repeated for each new registered user) sudo -u gpgit /usr/bin/gpg --homedir=/var/opt/gpgit/.gnupg --import astronaut57@supersecure.mydomain.net.gpg ``` If you did it right it should work.
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
No results found.
Labels
Clear labels
No items
No labels
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/EndtoEndEncryptedMailServer#1
No description provided.