On Sep 2, 2013, at 17:43, Ansgar Wiechers <li...@planetcobalt.net> wrote:
> On 2013-09-02 Littlefield, Tyler wrote: >> On 9/2/2013 9:35 AM, Bruce Markey wrote: >>> The only way to "nsa proof" is to encrypt end to end with pgp. > ^^^^^^^^^^^^^^^^^^^ >>> I run postfix with gpg-mailgate. >>> All incoming mail is encrypted with that users public key as it >>> comes in for any mail that is not already encrypted client side >>> using pgp. >> >> This makes sense, but this still isn't secure. Even if you use TLS >> from endpoint to endpoint, mail is usually sent through multiple >> servers until it gets to that point. You can send mail through your >> own server, but it can not be encrypted when you send it out to >> another server, which pretty much breaks any concept of NSA-proof >> email. > > Read again. He makes the wrong point, but is partly right; PGP encrypts the content of the message only, and not the metadata contained in the headers. And that metadata can show very interesting patterns, patterns that sometimes tell you more than the content of the messages themselves. Mvg, Joni
