On Fri, 15 Jun 2001 16:00:08 +0200, Robin Putzar wrote:
> Now my boss asked me whether it is possible to either encrypt all
> mailboxes or log all accesses to it, so that root isn't able to read any
> mail.

Sure, it's possible (with effort).

But you need to help your boss understand how pointless this is. If he
doesn't trust root on the box, then encrypting the mailboxes is futile.
The superuser can sniff messages off the ether while they're being
transmitted to and from the outside world and store them for her reading
pleasure.

If all you want to protect is mail sent from one local user to another
local user, client-side message encryption is the answer. If your
remote correspondents can be made to use cooperating client-side message
encryption, then you can solve the whole problem in this way.

Sort the problem out at the two end points, where you have full control.