On 15 Jun 2001 16:00:08 +0200, Robin Putzar wrote:
> Now my boss asked me whether it is possible to either encrypt all
> mailboxes or log all accesses to it, so that root isn't able to read any
> mail. Under MS Exchange this is possible, he says (or at least you ought
> to install some extra program to view the mailboxes), so on the new server
> the administrator shouldn't be able to read messages, too.
There were some things around
allowing encrypted home directories
which were supposedly root proof
(unless of course they had hacked
the kernel around). I am not sure
if they would allow root daemon
access to the files - which
obviously exim would need.
An alternative would be to bulk
encrypt all the incoming mail to the
public key of the recipient... would
be an interesting thing to try, but
I wouldn't trust *my* mail to it...
Nigel.
--
[ Nigel Metheringham Nigel.Metheringham@??? ]
[ Phone: +44 1423 850000 Fax +44 1423 858866 ]
[ - Comments in this message are my own and not ITO opinion/policy - ]
[ ----- Security is not an add-on -- security is a way of life ----- ]
