On Mon, June 19, 2006 10:54 pm, Ron Johnson wrote: > As we all know, emails can have very sensitive information in them. > Deleting them, though, just does a ulink(), which means they can be > recovered with a modest bit of technical knowledge. > > So, I propose that an option be added to shred email files before > they are ulinked. GNU Shred does an adequate (and fast) job of this, and > is license-compatible with Courier, so it "should" be easy to implement > using the relevant routines from GNU fileutils. > > http://www.gnu.org/software/fileutils/doc/manual/html/fileutils.html > > > Since not every FS works well with shred, it should be an option in > the imapd config file. > > Yes, this is not perfect, and has limitations, and can be downright > *slow* if you decide to shred 10,000 files with 25 overwrites, but > is better than nothing, and as I said, "should" be easy to implement. > > Thoughts?
I would say this is something that should be implemented at the filesystem level, not by Courier. It also may give the admins a false sense of security. While the server may be immediately zeroing out deleted emails client computers won't and hackers will always look for the easiest target. Jay -- Jay Lee Network / Systems Administrator Information Technology Dept. Philadelphia Biblical University -- _______________________________________________ Courier-imap mailing list [email protected] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-imap
