On 10/28/2013 9:02 AM, Douglas Mortensen wrote:
Hi,
We have clients with various security compliance requirements. Although not
required, it would be ideal to have messages encrypted at rest. We already use
SSL/TLS to secure the transmission of most email. However, it would be nice to have
On 28/10/13 23:22, Frerich Raabe wrote:
On 2013-10-28 20:23, Reindl Harald wrote:
Am 28.10.2013 20:14, schrieb Douglas Mortensen:
However, it would be nice to know that even if we were breached, the
emails on the server were encrypted and would be completely useless
to an attacker.
This type
Date: Tue, 29 Oct 2013 08:54:04 +0100
From: Robert Schetterer r...@sys4.de
To: dovecot@dovecot.org
Subject: Re: [Dovecot] Encryption solution for messages at rest
Message-ID: 526f699c.9080...@sys4.de
Content-Type: text/plain; charset=ISO-8859-1
you shouldnt host mail/imap services on the same
On 28.10.2013, at 18.02, Douglas Mortensen d...@impalanetworks.com wrote:
We have clients with various security compliance requirements. Although not
required, it would be ideal to have messages encrypted at rest. We already
use SSL/TLS to secure the transmission of most email. However, it
Hi,
We have clients with various security compliance requirements. Although not
required, it would be ideal to have messages encrypted at rest. We already use
SSL/TLS to secure the transmission of most email. However, it would be nice to
have them encrypted sitting on our server. Is anyone
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Am 28.10.2013 17:02, schrieb Douglas Mortensen:
Hi,
We have clients with various security compliance requirements.
Although not required, it would be ideal to have messages encrypted
at rest. We already use SSL/TLS to secure the transmission
On 10/28/2013 12:02 PM, Douglas Mortensen wrote:
Hi,
We have clients with various security compliance requirements.
Although not required, it would be ideal to have messages encrypted
at rest.
You can rule out a lot of the crazier options by answering the questions,
(a) What attack
] On
Behalf Of Michael Orlitzky
Sent: Monday, October 28, 2013 11:52 AM
To: dovecot
Subject: Re: [Dovecot] Encryption solution for messages at rest
On 10/28/2013 12:02 PM, Douglas Mortensen wrote:
Hi,
We have clients with various security compliance requirements.
Although not required, it would
...@dovecot.org] On
Behalf Of Michael Orlitzky
Sent: Monday, October 28, 2013 11:52 AM
To: dovecot
Subject: Re: [Dovecot] Encryption solution for messages at rest
On 10/28/2013 12:02 PM, Douglas Mortensen wrote:
Hi,
We have clients with various security compliance requirements.
Although
On 28/10/2013 19:14, Douglas Mortensen wrote:
So given that type of scenario, if filesystem permissions
weren't correct, or some new exploit surfaced that allowed someone
bypass or elevate to root, then they could theoretically have
access to the entire fileystem including where emails are
On 10/28/2013 03:14 PM, Douglas Mortensen wrote:
If a customer has vulnerable PHP code on a website, some of these
will allow a remote file upload. I have seen cases where they upload
a PHP script that is a sort of web-based console/shell to the server
(file-system, etc.). It provides several
Am 28.10.2013 20:49, schrieb Michael Orlitzky:
On 10/28/2013 03:14 PM, Douglas Mortensen wrote:
If a customer has vulnerable PHP code on a website, some of these
will allow a remote file upload. I have seen cases where they upload
a PHP script that is a sort of web-based console/shell to the
On 2013-10-28 20:23, Reindl Harald wrote:
Am 28.10.2013 20:14, schrieb Douglas Mortensen:
However, it would be nice to know that even if we were breached, the
emails on the server were encrypted and would be completely useless to
an attacker.
This type of encryption is ideal and some
On 29/10/2013 03:19, Robert Schetterer wrote:
https://perot.me/encrypt-specific-incoming-emails-using-dovecot-and-sieve
I got worried, laughed, and stopped reading at:
not only do you not have to edit any Postfix configuration (which by
itself is an exercise in patience),
As you
14 matches
Mail list logo
