This article on email security discusses the difference in how the law 'protects' you depending on whether your email is stored on your own servers, or on a 3rd party's servers 'in the cloud'. Basically, if they are on your servers a warrant is needed to seize them. If they are on a 3rd part system, say gmail or yahoo, the government doesn't have to notify you that they have seized your private correspondence (its a bit more complicated than that, read the article for the details). I run my own mailserver, so this really isn't a problem for me. But I thought it would be a good Sunday morning exercise to make sure all my incoming mail was encrypted anyway. You to can thwart the prying eyes of 'the man' by using procmail and gpg on your own server, or if you have access to a shell account on a remote system. 1. Install the gpg get you want to encrypt messages to. Usually this will be your public key. There is no need to have your private key on the server. You can import the key using gpg --keyserver pgp.mit.edu --search-keys youremail@domain and selecting the right key. 2. Setup procmail to pass all unencrypted incoming messages through gpg. Create a .procmailrc file that looks like this:
# Store all incoming mail in encrypted format using gpg
LOGFILE=$HOME/logs/procmail
# Encrypt the body of the message, skipping ones that are already encrypted
:0 Bfbw
* !^-----BEGIN PGP MESSAGE-----
| /usr/bin/gpg --batch --trust-model always --encrypt -r0x9712C2CD --armor --output -
3. Create a logs directory in your home directory - mkdir ~/logsThat's all there is to it. Now send yourself an email and check the mailbox to make sure it is stored in encrypted form. Check the logfile for errors -- if gpg fails for some reason it will store the mail in unencrypted format. Tags: encryption, gpg, privacy, security
Current Mood: accomplished
|
![[info]](http://l-stat.livejournal.com/img/userinfo.gif){kind=small}
bcl's journal
Previous
