casper at bcx
Jan 30, 2008, 3:35 AM
Post #28 of 30
I think your management is coercing you to do something a lot op the
techies on this mailinglist wouldn't want to implement, simply because
from the technical point of view it has no added value. (except the
perceived value by your management)
If your management is this paranoia about confident emails they receive,
why are you letting them store mail on the server? Wouldn't old-school
POP reduce the 'risks' significantly? That way the security of their
local email is *their* problem. The perceived risks are smaller (while
they in fact they are far larger)
This is the same problem my grandmother had with electronic cash. She
couldn't be convinced that having money on a bankaccount was more safe
than having it on her. The best you can do for your management is
explaining it to them.
As to accidental reading of emails:
- Your mail database will grow fast, with lots of data and not much
information. I don't do an accidental select * from `dbmail_messageblks`
as it gives me too much records to be able to process.
- The messageblk field is a blob. My database editor doesn't show me
data in blob's by default (as it is binary data)
- WHERE `messageblk` LIKE '%salary%' does not count as accidental
reading of mail.
In the Netherlands, intentional reading of an email not sent to you is
prohibited by law. Email is considered mail under the postal law. This
might be the same with you, and it probably is the best way to keep mail
As pointed out email is never safe.
The dutch company DigiNotar http://www.diginotar.com/ (there must be
many more, this is just a company I know) provides safe transfer of
documents and other such services. (we get our monthly salary statement
from our accountant sent with it)
On Wed, 2008-01-30 at 08:28 +0200, Sim Zacks wrote:
> What I am looking for is a way to convince management that someone doing
> maintenance on the database will not be able to read all their email.
> They understand the intrinsic insecurity of email. They are just trying
> to avoid passive intrusion as opposed to active intrusion. One example
> is that my system admin, without trying to read anybodys email, was
> trying to learn how the tables work, so he opened the tables in a MySQL
> viewer and looked at what data was in each table. He wasn't _actively
> trying_ to read email, but while doing it he did read email.
> However, the 2 requirements are that they can read the message on the
> client without having to jump through hoops and that they don't have to
> tell everyone who sends them a message that they have to send it
> encrypted. Without those 2 things they are going to stay with regular
> POP email (not dbmail POP, which still keeps the mails in the database
> until cleanup, if I understand correctly).
> James Cloos idea of doing the encryption at the MTA is a great idea that
> I hadn't thought about. I'm going to investigate the possibility.
> -------- Original Message --------
> Subject: [Dbmail] mail encryption
> From: Dave Logan <davel [at] dsp-services>
> To: DBMail mailinglist <dbmail [at] dbmail>
> Date: Tuesday, January 29, 2008 07:08:02 PM
> > So, I'm just throwing this out there, are you looking for
> > true encryption, or just an obfuscation? For example could
> > you do a rot13 or something equivalent? Sure it's not real
> > security, and it's easily enough worked around, i.e.
> > instead of searching for 'salary' I'd search for the rot13
> > value of 'salary'. But maybe it's an extra step that would
> > make them (the management) feel more secure. And isn't that
> > what this is really about?
> > dave
> DBmail mailing list
> DBmail [at] dbmail