-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Wed, 23 Oct 2013, Robert Schetterer wrote:
Am 23.10.2013 13:16, schrieb BONNET, Frank:
my first question is : does postfix and dovecot are able to use an encrypted filesystem such as Encfs ?
i am not an expert with crypto filesystems, but from my few, depend to "mail" this would be a feature "on top" ( additional to i.e vpn, ssl, tls, gpg ) , the main problem may be ever, you have to mount the mailbox partition read/writable to dovecot, so you might not get what
With PAM you can mount AFS and EncFS user volumes with the user password transparently. (Well, I did not used EncFS in production, but in theory). So, each Dovecot process would run with special user privilegues to access the user's mails.
That however imposes the problem, how mails are delivered into the mail storage without some sort of master user, because the MDA does not gain the user privilegues without the user's password. Maybe, for that a "pending INBOX" had to be created, from where the user slurps the new mails on login with the snarf plugin.
youre hoping to get from the security sight
Yes, I agree.
And yes STARTTLS will be used for both SMTP & IMAP access
With Dovecot you can use the "secure" variable, dunno if this works with PMA though.
Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux)
iQEVAwUBUmftwl3r2wJMiz2NAQIPpQgAt3O3fZ68L2XyAOvTE9vmaiAQfuRIqoIK 6L5kBogZ+l8cESdlX5L/sotsOaMTWd4UisapvtsAurLavOQgB7rOBK7+/RVWX9Mj n5pPHNBK7T0V8n6p1NI74jpsEkNuWRk4D7UGP0wa1Jypul50rF/icZHjJfeP011p tQsgfziSZRZSi9cwSFFYUMPAqagljyQyr8nQ5D7DtrUd9rcbvfAkXACIPx8jjAUz g1sr0vprv44poLSjh7djBgDFSN4hbViynj86i8YMf10RYq8s9eNnEhHrzeVpVdj+ BlwvafT+TMl7NdFPnqYZHj1difp70YH00LM/INZfZWfRxCENjGo/TQ== =AHnD -----END PGP SIGNATURE-----