[Dovecot] Disk Encryption
Jeroen Massar
jeroen at massar.ch
Wed Mar 27 12:17:02 EET 2013
[..]
> Currently my mail store isn't encrypted and I would like to know if
> it is possible to do that, and if so, maybe get some pointers.
There are two main roads:
- filesystem/disk based encryption
* Fast and easy to setup though (eg LUKS on Linux)
* does not protect against a running system being attacked, eg
that they can run custom code in the same security level that
thus can read the unencrypted content.
- per-file encryption, eg with PGP/GnuPG
* Likely more complex to setup/fail-prone
* attacker getting access can only encrypt more mail and/or
of course subvert any new mail, but can't decrypt old.
* there are a couple of tools which enable this, typically it is
a procmail/pipe through gnupg
* Decryption of mails can be done with a "IMAP-proxy" style tool
or possibly better/easier by the mail client.
* Check out:
- https://github.com/isislovecruft/leap_mx
- https://grepular.com/Automatically_Encrypting_all_Incoming_Email
- https://perot.me/encrypt-specific-incoming-emails-using-dovecot-and-sieve
For both:
* Store your decryption keys in a secure/offline place
(cold-boot attacks)
* "Rubber Hose Crypto": http://www.schlockmercenary.com/2006-03-29
* "Lead Pipe Crypto": http://www.schlockmercenary.com/2009-10-19
Of course it always depends on the attack vectors that you are
protecting against ;)
Greets,
Jeroen