My company, Globalcerts LC (http://www.globalcerts.net) builds email encryption appliances. Our CEO asked us if our product could do this and we took a look. Ours won't as we only handle mail leaving the organization and it's transport across the net, but it is possible to do.

Dbmail does not currently support encrypted storage. It is possible, but would require extensive work on dbmail, you would still end up with the headers in the clear in the DB, but there's no technical reason it can't be done. I'm also sure your CEO doesn't want to have to do it himself, Worry about key's, and hit extra buttons. That is the part that makes it REALLY difficult. The only REAL answer is to encrypt the message at it's source and decrypt it at it's destination. And this requires a lot more than Dbmail can handle alone.

Michael Luich
Programmer / Systems Engineer
GlobalCerts


M. J. [Micheal] OBrien wrote:
The CEO and CFO might be surprised to learn that writing something on an email is pretty much like writing it on the back of a postcard and mailing it. You will not absolutely prevent electronic mail sent through the SMTP protocol (over 20 years old) from being read by persons other than the recipient. We have run PGP keyservers for over a decade and never knew a system admin who could not read the mail even in a high security environment. If there is an issue with internal administrators, maybe the concerned CEO and CFO individuals should have email accounts elsewhere so that only "trusted" administrators at another company or institution can read their mail :o(

Here is a personal user's tool many people use for handling the occasional mail security issue. http://www.canadaemails.com/encrypt.shtml Here is another personal user's tool: http://www.thawte.com/secure-email/personal-email-certificates/
Her is a system admin's tool: http://gnupg.org/

In all of the above cases its more of a security-blanket "therapy" than a real security solution. The NSA, CIA, FBI and God all occasionally get their email read by somebody other than the intended recipient.
best of luck.
Mike

Sim Zacks wrote:
I've read a lot about password encryption with dbmail, but does (or can) dbmail support encrpytion of the actual messages? Our CEO and CFO are both very concerned with the idea of switching to IMAP because it would make it simple for the system administrators to read their email. They aren't as concerned with sniffers and stuff like that because that would require constant vigil. They are concerned that someone can open the mysql database (or go into the dbmailadministrator web front end) and query the database.

I was thinking that mail clients generally support SSL, which leads me to believe that if the user's public key is stored on the server then the dbmail should be able to encrypt all messages going into his box before they are stored and then the client will be able to open it with their private key.

Is something like this in place already?

Thank you
Sim
_______________________________________________
DBmail mailing list
[email protected]
https://mailman.fastxs.nl/mailman/listinfo/dbmail
_______________________________________________
DBmail mailing list
[email protected]
https://mailman.fastxs.nl/mailman/listinfo/dbmail


This email and any files transmitted with it are confidential and intended solely for the individual(s) or entity to whom they are addressed.

If you have received this email in error please notify the originator of the message.

Any views expressed in this message are those of the individual sender.

This message has been scanned for Content, viruses and spam by GlobalCerts RiskFilter - E-mail.
www.GlobalCerts.net



This email and any files transmitted with it are confidential and intended 
solely for the individual(s) or entity to whom they are addressed.

If you have received this email in error please notify the originator of the 
message.

Any views expressed in this message are those of the individual sender.

This message has been scanned for Content, viruses and spam by GlobalCerts  
RiskFilter - E-mail.
www.GlobalCerts.net

_______________________________________________
DBmail mailing list
[email protected]
https://mailman.fastxs.nl/mailman/listinfo/dbmail

Reply via email to