[Dovecot] E-Mail Encryption
Seth Mattinen
sethm at rollernet.us
Thu Jul 16 10:51:32 EEST 2009
Tom Hendrikx wrote:
> Thomas schreef:
>> Arkadiusz Miskiewicz wrote:
>>> On Wednesday 15 of July 2009, Patrick Domack wrote:
>>>> The only benefit this would being, is email being saved on the server
>>>> would be encrypted. Otherwise it offers no protection.
>>>>
>>>> I guess if you paranoid that the system admin might read your emails,
>>>> but then, he can just as easily read them as they come in or out of
>>>> the system.
>>> Actually such encryption is interesting as a protection in case when
>>> someone steals server hardware/disks.
>> It could be a feature. Why not.
>> But I'd say that's might be a better idea to encrypt the filesystem.
>> But... why not if you have time to code it :)
>>
>> Cheers,
>> Thomas
>
> When you have to worry about unauthorized persons having physical access
> to your hardware, you're solving the wrong problem. Encryption would add
> only false security because the person could also pop some sniffer
> device onto your NIC connection that reads wire traffic...
>
> The "de/encryption in deliver" concept is interesting, but imho not much
> use in real life. hard disk encryptoin would be much easier though (i.e.
> off-the-shelve). But I think these tin foil hat ideas get a little
> off-topic:)
>
Encrypting with a public key is completely reasonable, but for proper
security, the decryption should only take place on the client's trusted
workstation with their private key.
~Seth
More information about the dovecot
mailing list