Hi,

On Wednesday 11 December 2002 22:16, Remo Mattei wrote:
> Hi guys does any of you have an howto on how to have email drop in the
> user mailbox encrypted? So if send to a particolar address it's going
> to be automatically encrypted.

I have often been thinking about this myself.
We must face one thing, as long as the mail is travelling unencrypted, 
somebody can read it. The root-user of the local mailserver can always 
read it!

I see two scenarios.

1. Client side software is helping.
Pros:
One can use existing PGP encryption with fairly good client support.
PGP's prone public key system would make it quite secure too.

Cons:
It requires client side support (PGP software).

2. Invisible to client side.
Could be implemented using some sort of public-key crypto, where the 
private part was the pop3/imap password.

Pros:
It doesn't require any client side support.
Will stop the occasional cracker.

Cons:
Too unsecure to be used.
Root will have access after the mail is encrypted! (think about it!)

Just a few thoughts... (btw: I ended up using tcpserver with ssl support)

/Anders


Reply via email to