Changes between Initial Version and Version 1 of AboutEncryption


Ignore:
Timestamp:
Mar 20, 2009, 4:56:18 PM (14 years ago)
Author:
mortonda@…
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • AboutEncryption

    v1 v1  
     1There are different roles encryption can play in Maia Mailguard, with different purposes.  It's certainly recommended to set up Maia in a SSL host to protect the username, password, and data in transport to the end user.  Setting this up is documented elsewhere with your web server and needs nothing special from Maia.
     2
     3Another encryption feature currently in Maia is a feature that is almost never needed.  Encrypting messages in the database might be useful to keep a wandering DBA from accidentally reading email, but unless you really go to paranoid extremes,  it will not provide any security.  The key to decrypt the messages must exist on any of the systems using Maia, and any access to that key would make access to the data store pretty easy.
     4
     5In addition, dealing with encryption just adds more complexity to the process for very little gain.  For this reason we are considering this feature depreciated, unless someone can present a more compelling case of when it is needed.
     6
     7If you have enabled it already, you can easily disable it by removing the key file in amavisd.conf.  All the other scripts automatically detect if a message is encrypted and act accordingly. Once all of the encrypted messages are expired from the system, you can remove the encryption key from the other config files.
     8