On 08 Jan 2008 22:03, Sam Varshavchik wrote: > > Has anyone tried or considered a scheme whereby the > > contents of stored maildirs are encrypted on the server > > with the keys controlled by the end user ? > > No, I've not abused drugs /that/ much.
Well then... keep trying :) > > The main objection I hear from some clients, who prefer > > to use POP, is that they don't feel comfortable leaving > > sensitive business or personal info somewhere they really > > do not have any control over. > > And if the underlying storage is encrypted they're still not in full > control, since the messages can be easily intercepted before they are saved > to disk. If the MTA's local delivery agent handled the encryption, using a public key supplied by and from the users homedir, it would eliminate any other user on the system from interferring with the messages. Sure, Google Mail engineers and hacked LDA's could intercept messages on contrived systems but, in general, once messages were encrypted then they would be safe from further prying. I have some users with stored messages that are over 3 years old... they use IMAP for long term message storage and this idea would particularly suit them. They are also the ones that use SSL and stored calendars (using Kontact). > Something like this is properly handled in the mail client, which would > encrypt the messages before sending them to the server. OpenPGP is a > perfectly working standard, for this. I disagree because there is no way anyone can ensure general incoming mail from a wide range of sources would be encrypted by the sender. Widespread general use of PGP may never happen. PGP would be reasonable in a situation where a user pulls their mail via POP, then PGP encrypts it locally and then re-uploads it back up to the server for storage under another user account... but that's dumb when the LDA could have done the encryption at the first point of the delivery chain where the user could provide their own public key without any active involvement by the original sender(s). The point of this suggestion is that it doesn't require the sender to do anything special nor the receiver to use any special technique, or MUA, other than perhaps to use SSL to connect to the mail server to slightly improve end to end security. --markc ------------------------------------------------------------------------- Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace _______________________________________________ courier-users mailing list [email protected] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
