Chuck Peters on 22 Dec 2008 12:44:23 -0800

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Reasonably secure email

On Mon, Dec 22, 2008 at 11:46 AM, jeff <> wrote:
What's a decent way to get reasonably secure email?

I have been wondering about this issue in part to meet HIPAA [1] requirements.

As it is, one can securely connect to most providers but if it's not
encrypted, it's anyone's to intercept (Gmail included).

From what I read thus far it is possible to send and receive secure SMTP using the fee based version of Google Apps (aka gmail) and the administrator setting a policy so that everything goes through TLS. [2] 

If you were going to make this happen for a small group, what would you
use? (existing service or OSS please)

One could set up a particular domain to only allow TLS with most OSS mail servers.  I doubt most users would think it unreasonable if their mail isn't getting through.  But you should be able to setup TLS as the mail server default.

exim4 is what I have been using and some quick googling looks like I could enable TLS with the following pasted from

Enable Exim TLS

Generate a self-signed certificate for Exim using the tool:

New file: /etc/exim4/conf.d/main/000_localmacros
switch on tls
Listen on Standard TLS Port
daemon_smtp_ports = smtp : 587
enable login without TLS / SSL


3.SMTP Service Extension for Secure SMTP over Transport Layer Security

Philadelphia Linux Users Group         --
Announcements -
General Discussion  --