regarding exchange I have the possibility to adjust users ACLs. So the user could be able to backup a exchange Server or to do other administrative things with exchange without being able to read all mails.
With hmailserver I only have to click on the right mail address within messages folder an I'm able to use windows search to scan mails for some buzzwords. This is non-existent security.
I know that you guys will now scream, use encryption!!! But to implement a PKI or explain people how to use PGP only to have a little more privacy for the CEOs mails would be overkill. Especially because encryption wouldn't integrate seamless.
We only want to prevent that every dumb IT service technician is able to read internal use mails while he installs windows updates on the mailserver. Just a stupid example.
Has anybody ever had an idea how to solve that problem? I was thinking about EFS encryption. (This would mean hmailserver runs with an own Windows User and this Windows User uses an EFS certificate to encrypt the mail folder...)
prisma wrote:@Matt: no bad idea, but as long the SAN is mounted...
mattg wrote:... someone would need a packet sniffer to see email contents, and then only in transit ...
Users browsing this forum: No registered users and 8 guests