Chuck Peters on 22 Dec 2008 12:44:23 -0800



Re: [PLUG] Reasonably secure email


On Mon, Dec 22, 2008 at 11:46 AM, jeff <jeffv@op.net> wrote:
> What's a decent way to get reasonably secure email?

I have been wondering about this issue in part to meet HIPAA [1] requirements.

> As it is, one can securely connect to most providers but if it's not
> encrypted, it's anyone's to intercept (Gmail included).

From what I read thus far, it is possible to send and receive secure SMTP using the fee-based version of Google Apps (aka Gmail), with the administrator setting a policy so that everything goes through TLS. [2]

> If you were going to make this happen for a small group, what would you
> use? (existing service or OSS please)

One could set up a particular domain to only allow TLS with most OSS mail servers.  I doubt most users would think it unreasonable if their mail isn't getting through.  But you should be able to set up TLS as the mail server default.

exim4 is what I have been using, and from some quick googling it looks like I could enable TLS with the following, pasted from http://www.randomsequence.com/articles/smtp-pop3-email-for-virtual-users-on-debian-sarge/

Enable Exim TLS

Generate a self-signed certificate for Exim using the tool:
/usr/share/doc/exim4-base/examples/exim-gencert

New file: /etc/exim4/conf.d/main/000_localmacros
# switch on tls
MAIN_TLS_ENABLE = true
# Listen on Standard TLS Port
daemon_smtp_ports = smtp : 587
# enable login without TLS / SSL
AUTH_SERVER_ALLOW_NOTLS_PASSWORDS = true


Chuck

[1] http://en.wikipedia.org/wiki/Health_Insurance_Portability_and_Accountability_Act
[2] http://en.wikipedia.org/wiki/Transport_Layer_Security
[3] SMTP Service Extension for Secure SMTP over Transport Layer Security: http://tools.ietf.org/html/rfc3207

___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug
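
Added example, not part of the message above or of the article it quotes: a Python check of what a listener advertises in its EHLO reply, flagging a missing STARTTLS (RFC 3207) and password AUTH offered before TLS, which is the behaviour the last macro in the quoted configuration permits. The function names, finding labels and sample replies are constructed for illustration; `probe` is for a server you run yourself.

```python
import re
import smtplib
import ssl

CLEARTEXT_MECHS = {"PLAIN", "LOGIN"}  # password is readable on the wire without TLS

def parse_ehlo(reply):
    """Return {KEYWORD: [PARAMS]} from an EHLO reply, either raw ("250-...")
    or as smtplib returns it (codes stripped). First line is the greeting."""
    ext = {}
    for line in reply.splitlines()[1:]:
        words = re.sub(r"^250[ -]", "", line.strip()).upper().split()
        if not words:
            continue
        key, params = words[0], words[1:]
        if key.startswith("AUTH="):  # legacy "AUTH=PLAIN LOGIN" form
            key, params = "AUTH", [p for p in [key[5:]] + params if p]
        ext.setdefault(key, []).extend(params)
    return ext

def audit(pre_tls, post_tls=None):
    """Findings for one listener from its EHLO reply before STARTTLS and,
    optionally, its reply after the TLS handshake."""
    findings = []
    pre = parse_ehlo(pre_tls)
    if "STARTTLS" not in pre:
        findings.append("no-starttls")
    exposed = sorted(CLEARTEXT_MECHS & set(pre.get("AUTH", [])))
    if exposed:
        findings.append("cleartext-auth:" + ",".join(exposed))
    if post_tls is not None and "STARTTLS" in parse_ehlo(post_tls):
        findings.append("starttls-after-tls")  # RFC 3207 forbids re-offering it
    return findings

def probe(host, port=587):
    """Live check against your own server (needs network access)."""
    with smtplib.SMTP(host, port, timeout=10) as s:
        pre = s.ehlo()[1].decode(errors="replace")
        post = None
        if s.has_extn("starttls"):
            # A self-signed certificate fails verification here and raises.
            s.starttls(context=ssl.create_default_context())
            post = s.ehlo()[1].decode(errors="replace")
    return audit(pre, post)

# Constructed sample replies (not captured from a real server).
WEAK = "250-mail.example.org Hello\n250-SIZE 52428800\n250-AUTH PLAIN LOGIN\n250-STARTTLS\n250 HELP"
HARDENED_PRE = "250-mail.example.org Hello\n250-SIZE 52428800\n250-STARTTLS\n250 HELP"
HARDENED_POST = "250-mail.example.org Hello\n250-SIZE 52428800\n250-AUTH PLAIN LOGIN\n250 HELP"
```

`audit(WEAK)` reports the cleartext AUTH offer, while the hardened pair, where AUTH appears only after the handshake, yields no findings.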