Re: [Exim] Wanted: encrypted mail storage

Top Page
Delete this message
Reply to this message
Author: Rich Johnson
Date:  
To: Walt Reed
CC: exim-users
Subject: Re: [Exim] Wanted: encrypted mail storage
On Wednesday, August 6, 2003, at 05:00 PM, Walt Reed wrote:

> On Wed, Aug 06, 2003 at 04:48:56PM -0400, Rich Johnson said:
>> Does anyone know of a way to encrypt the mail storage? My goal is to
>> add a layer of privacy to the mail--especially mail for virtual
>> users--which is stored on the server and replicated on the server
>> backups.
>>
>> - An ideal method would support per-user/virtual-user keys for
>> delivered messages.
>> - Queued and/or frozen messages could use the TLS key.
>> - Both the MTA(exim) and IMAP server (courier-imap) would need to
>> support the method chosen.
>
> Hmm. Seems to me that you could deliver to mailboxes piping via gnupg.
> Not too hard on the exim side, but I don't know about courier (I don't
> use it.) You would probably need to code something into it. Do you
> really need to deal with queued / frozen mail too?

The primary consideration is that user mail should be shielded from the
casual browser.
Encrypting queued/frozen mail is a secondary consideration because
there's not much of it. Eventually I'd like to encrypt all the
persistent message data. The mailbox is write only with encrypted
data during delivery. Not even header data is available without
>
> Anyway, SOMEWHERE you are going to need to have unencrypted keys if you
> want to decrypt on the fly. Either that or let the users decrypt
> everything themselves and you just wrap each email in pgp using a
> public
> key they give you.

_I think_ ths is what I'd like to do. I'd store the public key along
with the user's name and password so the MTA encrypts incoming mail.
The MUA would use the decryption key on the user side. Alternately, it
could supply a decryption key when a IMAP and/or webmail session is
established--in this case the server would be required to forget the
key when the session ends. (Incidentally, webmail brings up another
problem--how does the client obtain the decryption key?)

Ugh...I think I'm backing into a new protocol here. Is there a better
forum for this?

--rich