Last active
March 14, 2024 22:26
-
-
Save kolargol/d551d132949068ce6efce7bc85a317cb to your computer and use it in GitHub Desktop.
Encrypts old mails for Dovecot mail-crypt-plugin
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/local/bin/bash | |
| # | |
| # Encrypt/Decrypt/Check emails with Dovecot's mail-crpyt-plugin | |
| # This script will encrypt/decrypt emails in-place | |
| # Please read: https://wiki.dovecot.org/Design/Dcrypt and https://wiki2.dovecot.org/Plugins/MailCrypt | |
| # | |
| # Update variables with your keys and patch otherwise you will loose data! | |
| # | |
| # I take no responsibility for data loos this script may cause | |
| # | |
| # IMPORTANT: | |
| # BEFORE USE ADD THIS MAGIC(5) TO YOUR LOCAL MAGIC DATABASE: | |
| # 0 string CRYPTED MailCrypt | |
| count=0 | |
| processed=0 | |
| tempfile=$(mktemp) | |
| uid=_vmail | |
| gid=_vmail | |
| maildir_path=/home/mailstore/maildir | |
| private_key_path=/etc/dovecot/crypt/master.key | |
| public_key_path=/etc/dovecot/crypt/master.pub | |
| if [ "$1" == "" ]; then | |
| echo "Missing user folder" | |
| exit 1 | |
| elif [ "$2" == "" ]; then | |
| echo "Missing folder name (ex. .Archives)" | |
| exit 1 | |
| fi | |
| case $3 in | |
| encrypt) mode=encrypt; text_d="Encrypting" | |
| ;; | |
| decrypt) mode=decrypt; text_d="Decrypting" | |
| ;; | |
| check) mode=check; text_d="Checking" | |
| ;; | |
| *) echo "Unknown mode. Modes: [encrypt|decrypt|check]"; exit 1 | |
| esac | |
| _encrypt(){ | |
| touch -r "$mailmessage" $tempfile | |
| doveadm fs put crypt private_key_path=$private_key_path:public_key_path=$public_key_path:posix:prefix=$maildir_path/$userdir/Maildir/"$box"/ $message $message | |
| touch -r $tempfile "$mailmessage" | |
| chown $uid:$gid "$mailmessage" | |
| } | |
| _decrypt(){ | |
| touch -r "$mailmessage" $tempfile | |
| doveadm fs get crypt private_key_path=$private_key_path:public_key_path=$public_key_path:posix:prefix=$maildir_path/$userdir/Maildir/"$box"/ $message > .tempdecrypted | |
| mv .tempdecrypted "$message" | |
| touch -r $tempfile "$mailmessage" | |
| chmod 0600 "$message" | |
| chown $uid:$gid "$mailmessage" | |
| } | |
| # special case for cur | |
| if [ "$2" == "cur" ];then | |
| box="cur" | |
| else | |
| box="$2/cur" | |
| fi | |
| userdir="$1" | |
| if [ ! -d $maildir_path/$userdir/Maildir/"$box"/ ];then | |
| echo "Folder do not exist: $maildir_path/$userdir/Maildir/$box/" | |
| exit 1 | |
| fi | |
| totalfiles=$(find $maildir_path/$userdir/Maildir/"$box"/ -type f | wc -l | xargs) | |
| echo | |
| echo "$text_d mails in $maildir_path/$userdir/Maildir/$box/" | |
| echo "Found $totalfiles, processing..." | |
| echo ". plain text" | |
| echo "* encrypted " | |
| echo "< encryptinge" | |
| echo "> decrypting" | |
| echo | |
| # operate in context | |
| cd $maildir_path/$userdir/Maildir/"$box"/ | |
| for mailmessage in $maildir_path/$userdir/Maildir/"$box"/*; do | |
| message=$(basename "$mailmessage") | |
| testfiletype=$(file -b "$mailmessage") | |
| if [ "$testfiletype" != "MailCrypt" ] ;then | |
| echo -n "." | |
| if [ "$mode" == "encrypt" ];then | |
| _encrypt | |
| echo -n "<" | |
| fi | |
| else | |
| echo -n "*" | |
| if [ "$mode" == "decrypt" ];then | |
| _decrypt | |
| echo -n ">" | |
| fi | |
| fi | |
| count=$(($count + 1)) | |
| processed=$(($processed + 1)) | |
| if [ $count == 10 ];then | |
| echo -n "$processed/$totalfiles" | |
| echo -e | |
| count=0 | |
| fi | |
| done | |
| rm -f $tempfile | |
| echo -e "\n\nDone" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment