Re: Securing Email

On Fri, Dec 21, 2007 at 02:52:36PM -0500, JD Brown wrote:
Hi list, I would like to get some suggestions regarding products out
there to secure email. Preferably, I'd like to see an appliance that
could make the process as transparent as possible to the user. Any
input would be greatly appreciated.

how do you mean "secure email"? do you mean you want to secure the
*transport* of the email? or the message itself?

if you want to secure the email itself, what I do with Linux is to use
"gnupg", which allows a digital signature and the message can also be
signed with a key for the intended recipient so that only someone that has
the private key *and* the passphrase can hope to decrypt it.

on the "smtp" side of things you can use SSL over the wire and it's pretty
painless to setup using postfix.

if you want to secure the smtp side, that is very "hands off" once the
configuration is done. I know this because I have done it on my Linux

on the client side, though, you can't really make digital signatures an
unmanned process unless you make a gnupg key without a passphrase, which is
a bad idea.

-- -- websites that suck less