[Dovecot] E-Mail Encryption

Jacek Osiecki joshua at hybrid.pl
Thu Jul 16 13:06:39 EEST 2009


On Thu, 16 Jul 2009, Tom Hendrikx wrote:

> Thomas schreef:
>> Arkadiusz Miskiewicz wrote:
>>> On Wednesday 15 of July 2009, Patrick Domack wrote:
>>>> The only benefit this would being, is email being saved on the server
>>>> would be encrypted. Otherwise it offers no protection.
>>> Actually such encryption is interesting as a protection in case when
>>> someone steals server hardware/disks.
>> It could be a feature. Why not.
>> But I'd say that's might be a better idea to encrypt the filesystem.
>> But... why not if you have time to code it :)

If someone manages to steal hardware, there nothing would stop such person
from simply starting the system. And since system will rather start up
automatically, the disk(s) would be decrypted. Correct me if I'm wrong.

> When you have to worry about unauthorized persons having physical access
> to your hardware, you're solving the wrong problem. Encryption would add
> only false security because the person could also pop some sniffer
> device onto your NIC connection that reads wire traffic...

But it would be a great option for maintaining a mail system for any
corporation - usually management-level users are paranoid about someone
reading their emails... The only problem is, that in such situation
passwords should not be stored in plaintext...

> The "de/encryption in deliver" concept is interesting, but imho not much
> use in real life. hard disk encryptoin would be much easier though (i.e.
> off-the-shelve). But I think these tin foil hat ideas get a little
> off-topic:)

As I say - hard disk encryption does not solve problem when someone steals
the hardware, does not help when your clients are paranoid :)

Best regards,
-- 
Jacek Osiecki joshua at ceti.pl GG:3828944
I don't want something I need. I want something I want.


More information about the dovecot mailing list