Boys I will write my opinion:
The FACTS:
A)After several mails about security, and avoiding others read your
mails.
Who said that nobody with a single sniffer is not reading NOW, at this
time ???. Including using TLS and PGP.
B)I asume of Ron comments if for example the company owner (or
director) dont
want that people of the systems area read their mail contents. Response: If
you dont thrust into yours employees, Make your own server or use an EXTERNAL
company.
C) If the user have access to server, is easy make all things that you
dont
want. Including destroy the server.
D) If the user can gain root privileges, is easy. See all mails and
folders.
Is so easy like change the maildrop config to send one copy to any user.
Dont care if you destroy with a hammer the complete harddisk, if he
have root
permision he already have a copy of your mail.
My Conclussion:
A) Is NOT so important a secure delete, is more important a SECURE
SERVER.
B) Exist servers with more than 100K users, with folders of 20K
messages ....
Are you sure want shred 10K mails/minute ???
C) any MUA will support this? or this mustbe a procedure for 60% of
spam
too??
Regars
Christian
El Miércoles, 21 de Junio de 2006 10:19, Ron Johnson escribió:
> Jay Lee wrote:
> > On Wed, June 21, 2006 9:05 am, Ron Johnson wrote:
> >> Not true. - From "man shred" regarding ext3: In both the
> >> data=ordered (default) and data=writeback modes, shred works as
> >> usual. Since it does not work on other journaled FS, that's why
> >> I suggested it be an option.
> >>
> >>> Are you using ext2 for your server FS? Encrypting the
> >>> partition or the whole storage should be a better solution.
> >
> > Is this really necessary though? Wouldn't it require root or
> > physical access to the server to read deleted files? If a
> > malicious user has that level of access you're screwed anyways
> > because now they can read mail as it comes in and goes out. And
> > again, this does nothing to prevent clients from caching emails.
> > This still seems like it should be performed at the FS level to
> > me, have you Googled around to see if any filesystems support a
> > "true delete"?
>
> I answered these questions 24 hours ago.
--
En un mundo sin fronteras.... ¿Quién necesita Puertas y Ventanas?
EN INGLES: In a world without frontiers, who needs Gates and Windows
_______________________________________________
Courier-imap mailing list
[email protected]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-imap
