[Dovecot] Encryption solution for messages at rest

Robert Schetterer rs at sys4.de
Tue Oct 29 09:54:04 EET 2013


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



Am 28.10.2013 20:14, schrieb Douglas Mortensen:
> Currently our dovecot servers are on our webhosting linux boxes. We
> are using the LAMP stack to host websites, and also doing email
> with postfix & dovecot on these systems. We provide this as a
> hosting setup for 100+ accounts/websites on a single server (a
> multi-tenant setup). Each customer has anywhere between 1-100 email
> accounts which Dovecot services.
> 
> If a customer has vulnerable PHP code on a website, some of these
> will allow a remote file upload. I have seen cases where they
> upload a PHP script that is a sort of web-based console/shell to
> the server (file-system, etc.). It provides several tools which all
> run through the uploaded PHP script to try to brute force and do
> other attacks. I've seen attempts at a root exploit. We've never
> had a root exploit and any such case of a customer's site being
> hacked has been easily contained by simple filesystem permissions
> being correct (and the fact that we have apache setup to run all
> scripts as the user who is the owner of the script files, which
> confines the script to that users' permissions). Still nobody loves
> the idea of bad guys trying to hack on your box.
> 
> So.... given that type of scenario, if filesystem permissions
> weren't correct, or some new exploit surfaced that allowed someone
> bypass or elevate to root, then they could theoretically have
> access to the entire fileystem including where emails are stored.
> 
> I hope to never have this sort of thing happen. We patch our
> systems regularly and have other security measures we follow to
> prevent this. We also are managing most of the PHP scripts
> customers use ourselves now and are updating those for the CMS' and
> other systems proactively.
> 
> However, it would be nice to know that even if we were breached,
> the emails on the server were encrypted and would be completely
> useless to an attacker.
> 
> This type of encryption is ideal and some regulations prefer
> (although don't require) it. - Doug Mortensen Network Consultant 
> Impala Networks P: 505.327.7300


you shouldnt host mail/imap services on the same servers with massive
http hosting, i dont see a real connection between php bugs etc and
dovecot, it more a question of setup design you have choosen what
makes thing more bad then they have to be

> 
> -----Original Message----- From: dovecot-bounces at dovecot.org
> [mailto:dovecot-bounces at dovecot.org] On Behalf Of Michael Orlitzky 
> Sent: Monday, October 28, 2013 11:52 AM To: dovecot Subject: Re:
> [Dovecot] Encryption solution for messages at rest
> 
> On 10/28/2013 12:02 PM, Douglas Mortensen wrote:
>> Hi,
>> 
>> We have clients with various security & compliance requirements. 
>> Although not required, it would be ideal to have messages
>> encrypted at rest.
> 
> You can rule out a lot of the crazier options by answering the
> questions,
> 
> (a) What attack scenario do you have in mind?
> 
> (b) How will encryption help?
> 


Best Regards
MfG Robert Schetterer

- -- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBAgAGBQJSb2mWAAoJEP8jBObu0LlEWkAH+gImez3F9cz1c5TcbgWTMdP6
onrp2Swd5gw6bKNkj2R6bzvtNPTNtrCUxVNU8c8YIIyeMK+fq3d6YxjB8p5nwrrR
AqL82xo97CbjPluldrcUAZUzBSUMrIjXC4dKAQvpD/Nhl7QMmPmeCcvZ8B39urcs
4AT2vSDI5wvuMtpKzj2ohA5P9UAwDPmm6beihWn73IubCWeUcO47sJj4W0dnO2bv
OZ2k6TwLfRbdkqH3wH0JEGqnYgrRxm9czkidH1C5JJM5MAosJoTn21dSbLZoqD8O
pmdT7jqUfyZ1GkUDO2OqEHl1V04RQhlP0wxAKTh39ahvQrXZgPzTwhxw6T0cZoM=
=zZYc
-----END PGP SIGNATURE-----


More information about the dovecot mailing list