[tor-talk] Securing servers

tor at lists.grepular.com tor at lists.grepular.com
Tue Oct 11 18:24:47 UTC 2011


On 11/10/11 19:00, Jeroen Massar wrote:

> IMHO one can 'safely' use those kind of service up to a certain level
> given that you either don't use it for communications you don't care
> that they are leaked or if you do care about that that people sending
> email to it use PGP so that only sender/receiver is disclosed when they
> do get access to that store. (assuming adversary is unable to crack your
> PGP crypto of course ;)

Even if the sender doesn't encrypt before sending (as most don't), you
can always PGP encrypt incoming mail as it hits your mail server. That
way, if your server/network is compromised, at least your email from
before the compromise took place is protected. It also protects the mail
in the various caches of your IMAP clients, and if somebody hacks your
email account, they wont be able to read any email that they download.

I've been doing this myself for a while now. I wrote/released some
software to do it. It's described here:

https://grepular.com/Automatically_Encrypting_all_Incoming_Email

And here:

https://grepular.com/Automatically_Encrypting_all_Incoming_Email_Part_2

-- 
Mike Cardwell https://grepular.com/  https://twitter.com/mickeyc
Professional  http://cardwellit.com/ http://linkedin.com/in/mikecardwell
PGP.mit.edu   0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20111011/e8f7f438/attachment.pgp>


More information about the tor-talk mailing list