[Dovecot] Disk Encryption

Charles Marcus CMarcus at Media-Brokers.com
Wed Mar 27 13:23:45 EET 2013

Did anyone else get 13 identical copies of this response from Daniel???

On 2013-03-27 12:47 AM, Daniel Reinhardt <cryptodan at gmail.com> wrote:
> If you are concerned about data being left on a hard drive when it fails
> and you are returning it to vendor, then I would consider hard drive
> degaussers.  They are effective, but are very costly.
> On Wed, Mar 27, 2013 at 12:36 AM, Xin Li <delphij at delphij.net> wrote:
>> Hash: SHA256
>> On 3/25/13 6:24 AM, Simon Brereton wrote:
>>> On 25 March 2013 12:30, Robert Schetterer <rs at sys4.de> wrote:
>>>> Am 25.03.2013 11:03, schrieb Simon Brereton:
>>>>> Hi
>>>>> As I understand it email headers need to be unencrypted
>>>>> (otherwise DKIM doesn't work).  From the MUA to either Postfix,
>>>>> or Dovecot the connection is (or can/should be) secured with
>>>>> TLS/SSL.
>>>>> What I would like to know is if it is possible to encrypt the
>>>>> mailstore?  Postfix is using Dovecot for delivery so it's only
>>>>> Dovecot that would need to encrypt/decrypt the mailstore.
>>>>> Is this possible?  Is there a terrible reason to do it even if
>>>>> it is possible?
>>>>> I realise that from MTA to MTA there's no guarantee of
>>>>> encryption (and in fact it's very unlikely unless keys have
>>>>> been exchanged), but my primary goal is supplement the physical
>>>>> security of the mail store of mails we already have or have
>>>>> sent.
>>>>> Mostly just idle curiosity as to what has been done, or what
>>>>> could be done.  What is worth doing is a separate thread
>>>>> entirely.
>>>>> Thanks.
>>>>> Simon
>>>> my meaning
>>>> crypted mailstore makes sense in a mail archive, in germany you
>>>> have to have a mail archive for some kind of company emails all
>>>> these solutions have some crypted mailstore , and some more
>>>> features for data security, but thats a big theme, to big for
>>>> here
>>>> crypt storage isnt "the saveness" per default, someone hacking
>>>> the system and get root may hack your crypt storage too etc, also
>>>> to big theme for here
>>> Robert, indeed, this is sort of my point.  If we encrypt laptop
>>> harddrives to prevent unauthorised access, that doesn't prevent
>>> the possiblity of someone who already has admin access to the
>>> device from decrypting/viewing/moving files.  What it does do is
>>> prevent unauthorised access to the data if there is no admin
>>> access.
>>> Currently my mail store isn't encrypted and I would like to know if
>>> it is possible to do that, and if so, maybe get some pointers.
>> Let's say you operate a mail server which uses a RAID array (or ZFS
>> pool) as backend storage and one day one disks goes bad and needs to
>> be replaced.  You don't want information being leak from that bad disk
>> when returning to vendor for replacement.
>> There are a lot of solutions to this issue.  One possible way is to
>> use FreeBSD's full disk encryption, geli(4), to encrypt all hard
>> drives and have the email server hold the key on its boot partition,
>> but don't protect it with a password so that the mail server can boot
>> without any human intervention.
>> Encrypting individual user's mail store make little sense as one can
>> still get your decryption key if they got root privilege, usually by
>> tracing the login process or just replace it with something that can
>> do the login but also save login credentials.  In short, if root have
>> been compromised, it's game over already.
>> Cheers,
>> tw6ZhxqQxhHVsg69kQPmIRVnMvlv0bhRqQphaJl5PQJAnfiwvrulx8ruFfTWIM3W
>> xyxKMQtY/pJouRJwz1SZsfuuBNjU+ACX17IXIi5NDkLm8IT1FLgS9fWaYotACIUe
>> 5fTXgodDDAGrWoYE4X1WTJiYCEE4UisilExaAJ0quk72NO/TzMnsLktR7mx0eSaP
>> NqAi8ger9a2rflStgdJlI6pCmzRs4onAs2YWZq4F5Nv/wnnUysMsSjwNW+MuL4WY
>> jWbX8oF+11kyH14vPLvzLKvMXjC9yKf8G880OPuMmgFQOrYAXzP5yp3w/rRVBCM=
>> =SMvV
>> -----END PGP SIGNATURE-----


Best regards,

Charles Marcus
I.T. Director
Media Brokers International, Inc.
678.514.6224 | 678.514.6299 fax

More information about the dovecot mailing list