Hi Sim,

I think your management is coercing you to do something a lot of the techies on this mailing list wouldn't want to implement, simply because from the technical point of view it has no added value (except the perceived value by your management).

If your management is this paranoid about confidential emails they receive, why are you letting them store mail on the server? Wouldn't old-school POP reduce the 'risks' significantly? That way the security of their local email is *their* problem. The perceived risks are smaller (while in fact they are far larger).

This is the same problem my grandmother had with electronic cash. She couldn't be convinced that having money in a bank account was safer than having it on her. The best you can do for your management is to explain it to them.

As to accidental reading of emails:

- Your mail database will grow fast, with lots of data and not much information. I don't do an accidental select * from `dbmail_messageblks` as it gives me too many records to be able to process.
- The messageblk field is a blob. My database editor doesn't show me data in blobs by default (as it is binary data).
- WHERE `messageblk` LIKE '%salary%' does not count as accidental reading of mail.

In the Netherlands, intentional reading of an email not sent to you is prohibited by law. Email is considered mail under the postal law. This might be the same with you, and it probably is the best way to keep mail safe.

As pointed out, email is never safe. The Dutch company DigiNotar http://www.diginotar.com/ (there must be many more, this is just a company I know) provides safe transfer of documents and other such services. (We get our monthly salary statement from our accountant sent with it.)

Good luck!

On Wed, 2008-01-30 at 08:28 +0200, Sim Zacks wrote:
> What I am looking for is a way to convince management that someone doing
> maintenance on the database will not be able to read all their email.
> They understand the intrinsic insecurity of email. They are just trying
> to avoid passive intrusion as opposed to active intrusion. One example
> is that my system admin, without trying to read anybody's email, was
> trying to learn how the tables work, so he opened the tables in a MySQL
> viewer and looked at what data was in each table. He wasn't _actively
> trying_ to read email, but while doing it he did read email.
>
> However, the 2 requirements are that they can read the message on the
> client without having to jump through hoops and that they don't have to
> tell everyone who sends them a message that they have to send it
> encrypted. Without those 2 things they are going to stay with regular
> POP email (not dbmail POP, which still keeps the mails in the database
> until cleanup, if I understand correctly).
>
> James Cloos's idea of doing the encryption at the MTA is a great idea that
> I hadn't thought about. I'm going to investigate the possibility.
>
> Sim
>
>
> -------- Original Message --------
> Subject: [Dbmail] mail encryption
> From: Dave Logan <[EMAIL PROTECTED]>
> To: DBMail mailinglist <[email protected]>
> Date: Tuesday, January 29, 2008 07:08:02 PM
> > So, I'm just throwing this out there, are you looking for
> > true encryption, or just an obfuscation? For example could
> > you do a rot13 or something equivalent? Sure it's not real
> > security, and it's easily enough worked around, i.e.
> > instead of searching for 'salary' I'd search for the rot13
> > value of 'salary'. But maybe it's an extra step that would
> > make them (the management) feel more secure. And isn't that
> > what this is really about?
> > dave
>
> _______________________________________________
> DBmail mailing list
> [email protected]
> https://mailman.fastxs.nl/mailman/listinfo/dbmail
