The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How to make email, on Cpanel servers, "more secure".....

Discussion in 'E-mail Discussions' started by server research, Nov 4, 2011.

  1. server research

    Joined:
    Nov 4, 2011
    Messages:
    9
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    I have more and more clients asking about 'secure email' and want to know what I can do
    to 'secure their email' as much as possible.

    aside from hosting services, I also provide I.T. and related consulting services so this does
    apply to more than just 'Cpanel'.

    As I understand it, having an SSL cert only insures the identity of the server, and if using
    an email client like Outlook, the email itself is not encrypted and once the email is received
    on the server, there is no guarantee about where it's going just that it's going to be sent there.

    If you are using webmail, and have an HTTPS connection, both the identity of the server is insured and
    the content being transmitted at that time is encrypted, however once it is received and re-transmitted
    we are back to where we normally are....

    Could someone please let me know what can be done further at the Cpanel level and if you have any
    other input about the concept of 'secure email' in general?

    Thank you!
     
  2. tandyuk

    tandyuk Active Member

    Joined:
    Dec 18, 2003
    Messages:
    32
    Likes Received:
    1
    Trophy Points:
    8
    Email is NOT secure, never has been, and is very unlikely to ever be.

    As you are aware you can take steps to try to ensure security, eg ssl / https based webmail, but the SMTP protocol itself is plain text. So from your client to your server can be encrypted, but once it leaves your server it is unlikely to be encrypted for any of the remainder of its journey.

    Unless you are also consultant for every company you send email to, there is no way to secure email any more be it locally or server side.

    I would suggest you educate your customers about pgp signing so that individual messages are encrypted, and can only be decrypted by the correct sender/recipient, regardless of mail destination or sending method.
     
  3. server research

    Joined:
    Nov 4, 2011
    Messages:
    9
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    tandyuk,

    Thank you for the input, agreed to and understood and already implemented in the case of
    PGP where they are 'serious' about specific emails.

    Just trying to make sure that I double check what I know and/or making sure I haven't missed
    anything that may have changed along the way....
     
Loading...

Share This Page