Hello Community,
(sorry to be more busy, hence more running questions in parallel :) )
As mentioned in another post, I am testing mail_crypt plugin.
I was wondering how to really secure the process sothat even the admin
cannot have any access to the other users mail content.
My current config is simple:
- using per-folder keys (hence the per-user spaces are preserved)
- put the public/private global keys in base64 format into the sql DB
(elliptic algo)
This obviously allows anyone with read access to the table to decrypt
the mails from the filesystem... which I try to prevent.
Considering of course that all mail users are virtual and do not (and
may not) have access to the box itself:
- how can I secure the keys? I do not see how to handle a assword for them?
- a solution might be to crypt/decrypt the keys using the user's password?
- other?
Thank you for you help.
