My company, Globalcerts LC (http://www.globalcerts.net), builds email
encryption appliances. Our CEO asked us if our product could do this and
we took a look. Ours won't, as we only handle mail leaving the
organization and its transport across the net, but it is possible to do.
Dbmail does not currently support encrypted storage. It is possible, but
would require extensive work on dbmail, you would still end up with the
headers in the clear in the DB, but there's no technical reason it can't
be done. I'm also sure your CEO doesn't want to have to do it himself,
worry about keys, and hit extra buttons. That is the part that makes it
REALLY difficult. The only REAL answer is to encrypt the message at its
source and decrypt it at its destination. And this requires a lot more
than Dbmail can handle alone.
Michael Luich
Programmer / Systems Engineer
GlobalCerts
M. J. [Micheal] OBrien wrote:
The CEO and CFO might be surprised to learn that writing something on
an email is pretty much like writing it on the back of a postcard and
mailing it. You will not absolutely prevent electronic mail sent
through the SMTP protocol (over 20 years old) from being read by
persons other than the recipient. We have run PGP keyservers for over
a decade and never knew a system admin who could not read the mail
even in a high security environment. If there is an issue with
internal administrators, maybe the concerned CEO and CFO individuals
should have email accounts elsewhere so that only "trusted"
administrators at another company or institution can read their mail :o(
Here is a personal user's tool many people use for handling the
occasional mail security issue. http://www.canadaemails.com/encrypt.shtml
Here is another personal user's tool:
http://www.thawte.com/secure-email/personal-email-certificates/
Here is a system admin's tool: http://gnupg.org/
In all of the above cases it's more of a security-blanket "therapy"
than a real security solution. The NSA, CIA, FBI and God all
occasionally get their email read by somebody other than the intended
recipient.
best of luck.
Mike
Sim Zacks wrote:
I've read a lot about password encryption with dbmail, but does (or
can) dbmail support encryption of the actual messages?
Our CEO and CFO are both very concerned with the idea of switching to
IMAP because it would make it simple for the system administrators to
read their email. They aren't as concerned with sniffers and stuff
like that because that would require constant vigil. They are
concerned that someone can open the mysql database (or go into the
dbmailadministrator web front end) and query the database.
I was thinking that mail clients generally support SSL, which leads
me to believe that if the user's public key is stored on the server
then the dbmail should be able to encrypt all messages going into his
box before they are stored and then the client will be able to open
it with their private key.
Is something like this in place already?
Thank you
Sim
_______________________________________________
DBmail mailing list
[email protected]
https://mailman.fastxs.nl/mailman/listinfo/dbmail
This email and any files transmitted with it are confidential and
intended solely for the individual(s) or entity to whom they are
addressed.
If you have received this email in error please notify the originator
of the message.
Any views expressed in this message are those of the individual sender.
This message has been scanned for Content, viruses and spam by
GlobalCerts RiskFilter - E-mail.
www.GlobalCerts.net
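
The storage-side encryption Sim Zacks asks about, together with the caveat in Michael Luich's reply that the headers stay in the clear, as an added example that is not part of the thread and is not DBMail code. It assumes the `openssl` command-line tool and uses S/MIME enveloping as a stand-in for what a delivery agent would do; the key, certificate, addresses and message are constructed sample data.

```shell
#!/bin/sh
# Added example: store a message with its body encrypted to the user's
# certificate, as a delivery agent could do before writing to the store.
# Key, certificate, addresses and message are constructed sample data.
set -eu
WORK=$(mktemp -d)

make_user_key() {   # self-signed cert stands in for the user's S/MIME cert
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
    -subj "/CN=ceo@example.test" \
    -keyout "$WORK/user.key" -out "$WORK/user.crt" 2>/dev/null
}

write_sample_message() {
  printf '%s\n' \
    'From: cfo@example.test' \
    'To: ceo@example.test' \
    'Subject: Q3 acquisition target' \
    '' \
    'Offer is 4.2M, do not share before Friday.' > "$WORK/msg.eml"
}

# Split at the first blank line: headers stay readable, the body is
# encrypted to the public certificate only (no private key on the server).
store_encrypted() {
  sed '/^$/q' "$WORK/msg.eml" > "$WORK/stored_headers.txt"
  sed '1,/^$/d' "$WORK/msg.eml" > "$WORK/body.txt"
  openssl smime -encrypt -aes256 -binary \
    -in "$WORK/body.txt" -out "$WORK/stored_body.p7m" "$WORK/user.crt"
  rm -f "$WORK/body.txt" "$WORK/msg.eml"
}

# What someone querying the store can read without the private key.
admin_view() { cat "$WORK/stored_headers.txt" "$WORK/stored_body.p7m"; }

# What the mail client recovers with the user's private key.
client_view() {
  openssl smime -decrypt -in "$WORK/stored_body.p7m" \
    -recip "$WORK/user.crt" -inkey "$WORK/user.key" | tr -d '\r'
}

make_user_key; write_sample_message; store_encrypted
echo "--- visible in storage ---";   admin_view | head -n 8
echo "--- after client decrypt ---"; client_view
```

The stored view still shows sender, recipient and subject, which is the metadata exposure the reply points out; only the body requires the private key held by the client.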