On 10/28/2013 9:02 AM, Douglas Mortensen wrote:
Hi,
We have clients with various security & compliance requirements. Although not
required, it would be ideal to have messages encrypted at rest. We already use
SSL/TLS to secure the transmission of most email. However, it would be nice to have
them encrypted sitting on our server. Is anyone doing this? I think that ideally,
rather than full-disk encryption, we should use an encryption that encrypts the
actual email messages as they sit on our file system. This way even if we ever had
our server breached by an attacker, they wouldn't be able to do anything with the
messages. However, this would also mean that if the attacker can't decrypt the
files, than dovecot and postfix still would need to. This means that the encryption
key would need to be available to the dovecot deamon. We'd either need to have it
in a file that is restricted to access only by dovecot (less secure), or use an
encryption passphrase for the certificate which would have to be typed in manually
each time that dovecot starts or restarts (more secure, but also more work and
possibility of disruption because the server can't restart gracefully without a
human being having to be present [although I don't think we have issues with
unexpected restarts anyway]).
Is anyone doing anything like this with dovecot?
Thanks!!
-
Doug Mortensen
Network Consultant
Impala Networks Inc
CCNA, MCSA, Security+, A+
Linux+, Network+, Server+
A.A.S. Information Technology
.
www.impalanetworks.com
P: (505) 327-7300
F: (505) 327-7545
I use OpenVZ which is a near 0 overhead virtualization for Linux only.
So I create a separate virtual machine for web services and email
services. So someone hacking the web will never get at the email because
it's not there. It also allows me to back them up separately and
move/restore them separately on different computers.