On 2019-10-27 Fourhundred Thecat wrote: > when new email arrives, and it is not already encrypted, I would like to > run it through a filter, which would encrypt the message with my public > gpg key, as if the original sender has sent the email encrypted. > > Why do I want to do this ? Why not ask the sender to send encrypted > messages to start with ? > > Lets say my bank sends me emails. I cannot forcer my bank to use gpg > encryption. I am happy they use email at all, instead of paper mail. > > My email server is untrusted. It can be hacked into and emails stolen. > Full disk encryption will not help, because the disk must be decrypted > during runtime. > > With my scheme, all emails would be stored encrypted on my server, and > decryption key does not exist on the server (emails are decrypted on my > local client) > > What would be the best way to implement this ? > > Can such filter work, without ever storing plaintext email on disk ?
Several years ago I wrote something like that [1]. However, if your mail server is untrusted I don't think there's a point in bothering. Even if you pass the mail through an encrypted transport channel and never store it on disk, an attacker who has gained control of the server can still intercept the message. [1]: https://www.planetcobalt.net/sdb/crypter.shtml Regards Ansgar Wiechers -- "Abstractions save us time working, but they don't save us time learning." --Joel Spolsky
