-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Am 28.10.2013 20:14, schrieb Douglas Mortensen: > Currently our dovecot servers are on our webhosting linux boxes. We > are using the LAMP stack to host websites, and also doing email > with postfix & dovecot on these systems. We provide this as a > hosting setup for 100+ accounts/websites on a single server (a > multi-tenant setup). Each customer has anywhere between 1-100 email > accounts which Dovecot services. > > If a customer has vulnerable PHP code on a website, some of these > will allow a remote file upload. I have seen cases where they > upload a PHP script that is a sort of web-based console/shell to > the server (file-system, etc.). It provides several tools which all > run through the uploaded PHP script to try to brute force and do > other attacks. I've seen attempts at a root exploit. We've never > had a root exploit and any such case of a customer's site being > hacked has been easily contained by simple filesystem permissions > being correct (and the fact that we have apache setup to run all > scripts as the user who is the owner of the script files, which > confines the script to that users' permissions). Still nobody loves > the idea of bad guys trying to hack on your box. > > So.... given that type of scenario, if filesystem permissions > weren't correct, or some new exploit surfaced that allowed someone > bypass or elevate to root, then they could theoretically have > access to the entire fileystem including where emails are stored. > > I hope to never have this sort of thing happen. We patch our > systems regularly and have other security measures we follow to > prevent this. We also are managing most of the PHP scripts > customers use ourselves now and are updating those for the CMS' and > other systems proactively. > > However, it would be nice to know that even if we were breached, > the emails on the server were encrypted and would be completely > useless to an attacker. > > This type of encryption is ideal and some regulations prefer > (although don't require) it. - Doug Mortensen Network Consultant > Impala Networks P: 505.327.7300 you shouldnt host mail/imap services on the same servers with massive http hosting, i dont see a real connection between php bugs etc and dovecot, it more a question of setup design you have choosen what makes thing more bad then they have to be > > -----Original Message----- From: dovecot-boun...@dovecot.org > [mailto:dovecot-boun...@dovecot.org] On Behalf Of Michael Orlitzky > Sent: Monday, October 28, 2013 11:52 AM To: dovecot Subject: Re: > [Dovecot] Encryption solution for messages at rest > > On 10/28/2013 12:02 PM, Douglas Mortensen wrote: >> Hi, >> >> We have clients with various security & compliance requirements. >> Although not required, it would be ideal to have messages >> encrypted at rest. > > You can rule out a lot of the crazier options by answering the > questions, > > (a) What attack scenario do you have in mind? > > (b) How will encryption help? > Best Regards MfG Robert Schetterer - -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669 München Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBAgAGBQJSb2mWAAoJEP8jBObu0LlEWkAH+gImez3F9cz1c5TcbgWTMdP6 onrp2Swd5gw6bKNkj2R6bzvtNPTNtrCUxVNU8c8YIIyeMK+fq3d6YxjB8p5nwrrR AqL82xo97CbjPluldrcUAZUzBSUMrIjXC4dKAQvpD/Nhl7QMmPmeCcvZ8B39urcs 4AT2vSDI5wvuMtpKzj2ohA5P9UAwDPmm6beihWn73IubCWeUcO47sJj4W0dnO2bv OZ2k6TwLfRbdkqH3wH0JEGqnYgrRxm9czkidH1C5JJM5MAosJoTn21dSbLZoqD8O pmdT7jqUfyZ1GkUDO2OqEHl1V04RQhlP0wxAKTh39ahvQrXZgPzTwhxw6T0cZoM= =zZYc -----END PGP SIGNATURE-----
