Hi,
On Wednesday 11 December 2002 22:16, Remo Mattei wrote:
Hi guys does any of you have an howto on how to have email drop in the
user mailbox encrypted? So if send to a particolar address it's going
to be automatically encrypted.
I have often been thinking about this myself.
We must face one thing, as long as the mail is travelling unencrypted,
somebody can read it. The root-user of the local mailserver can always
read it!
I see two scenarios.
1. Client side software is helping.
Pros:
One can use existing PGP encryption with fairly good client support.
PGP's prone public key system would make it quite secure too.
Cons:
It requires client side support (PGP software).
2. Invisible to client side.
Could be implemented using some sort of public-key crypto, where the
private part was the pop3/imap password.
Pros:
It doesn't require any client side support.
Will stop the occasional cracker.
Cons:
Too unsecure to be used.
Root will have access after the mail is encrypted! (think about it!)
Just a few thoughts... (btw: I ended up using tcpserver with ssl support)
/Anders
