Email Security - GnuPGP

5

50c

Active Member
Jun 26, 2004
29
0
151
UK
Hi there,
i would like to know if there is a way to encode email
traffic between a mail server and its clients.

The details:

A client sends an encoded email, the server recieves it, decodes it and then sends it to the recepients address. And the same vica versa. If the server recieves an email for its client, it encodes it. The client downloads the email and decodes it.

I have read a few pages about GnuPGP but i am not sure if i can use it for this thing..

How can i set this up (serverside)?

Thanks & Regards
 
E

elliotcooper

Well-Known Member
PartnerNOC
May 18, 2005
56
0
156
I am not sure why you need the system to be as complicated as you describe. All that you need to send an encrypted email is for you and the recipient to have en/decryption software in your mail cient (I'm sure there must be plenty of PGP/GPG extensions to do this for thunderbird) and to have each others public keys.

Your mail client will then encrypt and sign the email contets as you send it. The email will however still have an uncryted header so that it can get sent and delivered. The mail server will treat it as any other piece of email (they don't care about the body) and either relay it to the recipents mail server or deliver it locally. The recipent can then decrypt the body using his private key when it arrives in his inbox.

The mail server does not ever have to worry about doing any encrypting or decrypting of email messages.
 
5

50c

Active Member
Jun 26, 2004
29
0
151
UK
Thanks for your reply,
yes i knew about that client side encoding.. I just wanted to know if there was a application that would be able to protect normal emails (not just for certain recepients) on their way to the mail server and from the mail server to the client...
Both the client and the server would know the key.

So that the clients ISP would not be able to read the emails. Actually a protection against ISPs and 3rd party DNS (mail) services.

Thanks

Best Regards
 
SageBrian

SageBrian

Well-Known Member
Jun 1, 2002
413
2
318
NY/CT (US)
cPanel Access Level
Root Administrator
But that only protects the email during that small short path from server to client.

This is like putting a postcard in an envelope, so no one can read it while you walk from the kitchen to the mailbox. Then, when the mailman gets it, he opens the envelope, and delivers your postcard for everyone to read.

Where's the security in that?
Seems like smoke and mirrors.
 
chirpy

chirpy

Well-Known Member
Verifed Vendor
Jun 15, 2002
13,437
33
473
Go on, have a guess
Indeed. The only way to have end-to-end security is to use public/private key encryption of the email text, typically done using the likes of PGP or OpenPGP within the email client (as mentioned by elliotcooper). Anything else is pretty much pointless.
 
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
E Email about kernel updates and security advisor result different Security 4
Michael-Inet Change to "New Security Advisor notifications" emails? Security 1
D Security problem? "[newmailcgi] Recently Uploaded CGI scripts that send email" Security 1
M Email spammers even with csf security hints all checked Security 6
D cPanel's email security features Security 2
Similar threads
Email about kernel updates and security advisor result different
Change to "New Security Advisor notifications" emails?
Security problem? "[newmailcgi] Recently Uploaded CGI scripts that send email"
Email spammers even with csf security hints all checked
cPanel's email security features
Top Bottom