Hi Matt, I think the concern is more about hackers breaking into the system and being able to grep info from the files as mail flows through the system. The disk encryption I think is only really a win if the physical volume is stolen?
Thanks Scott.. -----Original Message----- From: Matt Thomas [mailto:[email protected]] Sent: March-30-13 12:26 PM To: [email protected] Cc: [email protected] Subject: Re: NetBSD/Postfix On Mar 30, 2013, at 6:16 AM, Scott Burns <[email protected]> wrote: > Hello list, > > We have an opportunity to provide a hosted solution for a new customer. We would like to use NetBSD for part of this solution. The solution involves the intake and processing of large volumes of email. Due to some customer requirements /gov't regulations the incoming spooled mail files need to be encrypted when on disk. Is it possible to setup postfix, or I guess sendmail, to encrypt it's mail files (like /var/spool/mqueue from my sendmail days) when they are stored on disk before being forwarded to another machine? > > In this case postfix will be forwarding the email off to another machine after receiving/spam filtering occurs on the postfix machine. Once into the other machines custom mailserver we have control of this issue as the messages are dissected and processed. Would using cgd be a solution? (e.g. encrypt the whole disk)
