Encrypt ~/Maildir


#1

Is there a way to encrypt the contents of ~/Maildir folder? (and still be able to use it with squirrelmail webmail?)

tia,
rouble


#2

mails are managed by DH no (ans squirrel is only a client) ?


Get [color=#CC0000]$97[/color] Off with promo code :[color=#CC0000]97USA[/color] :cool: -->choose your plan (promo code included)


#3

Why would you need to encrypt ~/Maildir? By default it is completely locked down so only your user has access to it. Also if it is a mail-only user then there is no way to get direct access to this directory.


#4

“Why would you need to encrypt ~/Maildir? By default it is completely locked down so only your user has access to it. Also if it is a mail-only user then there is no way to get direct access to this directory.” – houkouonchi

The emails are completely visible to root. Also what if the account gets hacked … they’ll be completely visible to the hacker.


#5

If the box is hacked you wont be helped by encrypting your maildir, since the mail will have to leave the box decrypted. If you don’t add support for encryption in the client…

So you have to install Thunderbird with Enigmail or use Firefox with FireGPG if you want to use webmail. As far as I remember there is no other way, you have to get the sender to encrypt his mail. Because when you are hacked there is no way ou can encrypt you way out of that, sure you can protect the data already received, if you don’t support the encryption on the client.

http://firegpg.tuxfamily.org/

Good luck.


#6

You might be able to use procmail to run the messages through GPG as they are received. Then they would be encrypted on disk and if you ran GPG in your mail client it would be completely transparent. I would be concerned about what kind of load this would put on the DH mail servers; I believe DH kills procmail processes that take too long.

Larry


#7

But the key that gpg uses would still be available on the DH server, so that wont work? And when a hacker has acces to the machine he can still read the mail.

So the best solution is to always encrypt your mail, make everyone use GPG.


#8

GPG only needs the public key, which is intended to be freely available, to encrypt the mail.

Larry