wiki:AboutEncryption

There are different roles encryption can play in Maia Mailguard, with different purposes. It's certainly recommended to set up Maia in a SSL host to protect the username, password, and data in transport to the end user. Setting this up is documented elsewhere with your web server and needs nothing special from Maia.

Another encryption feature currently in Maia is a feature that is almost never needed. Encrypting messages in the database might be useful to keep a wandering DBA from accidentally reading email, but unless you really go to paranoid extremes, it will not provide any security. The key to decrypt the messages must exist on any of the systems using Maia, and any access to that key would make access to the data store pretty easy.

In addition, dealing with encryption just adds more complexity to the process for very little gain. For this reason we are considering this feature depreciated, unless someone can present a more compelling case of when it is needed.

If you have enabled it already, you can easily disable it by removing the key file in amavisd.conf. All the other scripts automatically detect if a message is encrypted and act accordingly. Once all of the encrypted messages are expired from the system, you can remove the encryption key from the other config files.

Last modified 10 years ago Last modified on Mar 20, 2009, 4:56:18 PM