On 2020-08-28 19:43, Grant Taylor wrote:
> 
> The only way to get the key is to extract it out of the running VPS's 
> memory.  Something that I think is beyond the capability of many, but 
> definitely not all, people.
> 
> ...
> 
> As long as STARTTLS is used (and validated) between the MTAs and the VPS 
> provider doesn't have a way to get the keys (because they are on an 
> encrypted disk), then the contents of the transmission should be fairly 
> secure.

I think I see where we're diverging: I'm assuming that the employees of
the VPS provider can hop onto any running system with root privileges.

I suppose you can make that pretty annoying to do. If you're willing to
encrypt everything, then you can even put /boot on the encrypted disk,
unlocking it in (say) grub. The VPS provider can still replace grub with
something that faxes them your password, but it's not totally trivial.
(How are you accessing the console at boot time? Is it using software
from the VPS provider? It's turtles all the way to hell.)
