Re: [Exim] inbox encryption

Top Page
This message is part of the following thread:
M+\the complete thread tree sorted by date
MMMJohn W Baxter at <-
MM 
Delete this message
Reply to this message
Author: Matt Bernstein
Date:  
To: Sheldon Hearn
CC: Robin Putzar, exim-users
Subject: Re: [Exim] inbox encryption
On Jun 15 Sheldon Hearn wrote:
>On Fri, 15 Jun 2001 16:00:08 +0200, Robin Putzar wrote:
>
>> Now my boss asked me whether it is possible to either encrypt all
>> mailboxes or log all accesses to it, so that root isn't able to read any
>> mail.
>
>Sure, it's possible (with effort).
>
>But you need to help your boss understand how pointless this is. If he
>doesn't trust root on the box, then encrypting the mailboxes is futile.
>The superuser can sniff messages off the ether while they're being
>transmitted to and from the outside world and store them for her reading
>pleasure.

Yes.. maybe your way to convince him is to write a sniffer for the
"secure" Exchange server box ;)



This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [Exim] Large attachments.Re: [Exim] dbm updates->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)