Some companies and governments in the United States at least have very strict policy requirements regarding various aspects of security and encryption. Transit encryption (ssl/tls from MTA to MTA) and local encryption of messages sometimes is a requirement if you want to be able to bid on government contracts.
https://www.bidsync.com/DPX?ac=view&auc=158380 This example is not for hosting mail but for an anti-spam/anti-virus service (they refer to it as email hygiene) that required message encryption on the transit MTA servers disk as well as tls/ssl for MTA to MTA encryption.
So this example does not apply directly to Dovecot but it does show there are needs for this level of encryption in general for various customers.
-----Original Message----- From: dovecot-bounces+jkrejci=usinternet.com@dovecot.org [mailto:dovecot-bounces+jkrejci=usinternet.com@dovecot.org] On Behalf Of Tom Hendrikx Sent: Thursday, July 16, 2009 2:47 AM To: Thomas Cc: dovecot@dovecot.org Subject: Re: [Dovecot] E-Mail Encryption
Thomas schreef:
Arkadiusz Miskiewicz wrote:
On Wednesday 15 of July 2009, Patrick Domack wrote:
The only benefit this would being, is email being saved on the server would be encrypted. Otherwise it offers no protection.
I guess if you paranoid that the system admin might read your emails, but then, he can just as easily read them as they come in or out of the system.
Actually such encryption is interesting as a protection in case when someone steals server hardware/disks.
It could be a feature. Why not. But I'd say that's might be a better idea to encrypt the filesystem. But... why not if you have time to code it :)
Cheers, Thomas
When you have to worry about unauthorized persons having physical access to your hardware, you're solving the wrong problem. Encryption would add only false security because the person could also pop some sniffer device onto your NIC connection that reads wire traffic...
The "de/encryption in deliver" concept is interesting, but imho not much use in real life. hard disk encryptoin would be much easier though (i.e. off-the-shelve). But I think these tin foil hat ideas get a little off-topic:)
-- Tom