Slashdot Mirror

← Back to Stories (view on slashdot.org)

Email Clients with Encrypted Archives?

Posted by Cliff on from the yet-another-cool-feature-idea dept.

jasonbrown asks: "If your like a lot of us, you want to keep all your good email for later viewing. Then again, who wants to have all that personal stuff laying around when some higher power decides to dig through it. I was wondering if the Slashdot community knows of any good, preferably linux compatible, email clients with an encrypted archive to keep your old email away from prying eyes."

10 of 49 comments (clear)

  1. use the filesystem, luke by mclinc · · Score: 3, Informative

    Store your mbox (or whatever) on an encrypted file system. Not perfect but easy.

    --
    "Oh no, not again"
  2. Simple: Encrypt the filesystem. by Marijn · · Score: 5, Informative

    Really simple, just use an encrypted file-system. Either in a partition or via loopback in a file (convinient for backuping).

    Save, Simple, and you can use any email software you want.

    --
    -- Aji con Todo!
  3. Strange... by fordboy0 · · Score: 2, Informative

    I never really gave it a second thought... Thanks for pointing that one out, now I have something else on my plate to worry about!
    But seriously, if you are working on a Winbloze platform, I think that Pegasus stores the mail file in an encryped format - password protected at least - to keep people away. Not for sure on that one, but I will check. May not be heavy enough encryption to keep the Feds off your back, but it should keep the old lady or your less-than-saavy computer friends out. (Or in the case of some, your parents)

    --
    Ligaguinggligagiggagoogoogwillgo
  4. Outlook by Howie · · Score: 4, Informative

    Evil nasty bad MS Outlook has had this ability for at least the last few versions (97 onwards I think).

    Depending on how much grief other people reading your mail is going to cause (legal, or merely embarrassing), it's worth noting that several countries already have laws requiring you to give up the keys to your encrypted mail in certain situations, and others are considering similar laws.

    --
    "don't fall into the fallacy of believing that Perl can solve social problems. Maybe Perl 6 can, but that's a ways off"
  5. useless by dutky · · Score: 4, Informative
    Unless the e-mail is encrypted during transmission there is little point in worrying about storing it on your local machine in an encrypted format. Since the transmission format is wide open you have to assume that it has already been captured and read by anyone interested in snooping around your life. If they already have copies of some of the clear text that resides in the encrypted archive, it will be child's play to find your encryption keys and decrypt the entire archive.


    If you are planning on doing stuff you would rather not have extra evidence of later, don't talk about it over e-mail! If you are conspiring with other folk stupid enough to send incriminating information over e-mail, you have bigger problems to worry about. If you are already sending all your e-mail in an encrypted form, you simply need to keep the encrypted e-mails in the archive as well.

  6. mutt by raulmazda · · Score: 3, Informative

    You could pretty easily do this with mutt and the compressed folders patch.

    It allows you to specify a regex for a folder, and then operations for opening and closing. It wouldn't be that much different than using bzip2 or gzip on a folder.

  7. Re:Pretty easy cribs for this. by coyote-san · · Score: 3, Informative

    This is only a problem if they're using their own "very special" cryptography, e.g., the ever popular "xor with passphrase and a counter." For some odd reason that's used in several products -- and can be easily cracked with some commercial products.

    If the crypto was done right, the message was compressed and then encrypted in "chaining" mode with DES, 3DES, IDEA, AES, or a similar strong cipher. Having known plaintext won't help much in this case.

    --
    For every complex problem there is an answer that is clear, simple, and wrong. -- H L Mencken
  8. Try Crypto Heaven by Anonymous Coward · · Score: 1, Informative

    Try using Cryptoheaven or hush.com

  9. Pine + PGP4Pine + GnuPGP by Nickbot · · Score: 2, Informative

    Use them all and it's on like a pot of grits. PGP4pine is a script that Pine calls (when it sees the PGP encryption header in the mail) PGP4pine then uses GnuPGP (or actually, any of many other encryption programs) to decrypt the message. Everything happens seemlessly (you can even set it up so that PGP4Pine automatically grabs public keys from sig files). Best thing is as far as Pine knows its just text, so the message gets stored encrypted, it's only decrypted when you want to read it or quote it.

    Of course, this assumes you want to use PGP while sending and recieveing messages too (and why wouldn't you..)

    --
    Praise the Force Field! Praise the Laser Project! Slackware Loon #19830573
  10. The Bat by Chris+Canfield · · Score: 2, Informative
    Ritlabs puts out an excellent program called The Bat! and a dongle-secured version called, appropriately enough, Secure Bat! I've been using the bat for about two years now, and have found it to be one of the most stable, secure, and generally well-written pieces of e-mail software I've had the pleasure of using. Secure Bat!, from what I've heard, is every bit as stable, though much more expensive and with features more befitting of administration at a large company. If anyone is left bothering to read this thread anymore, it comes highly recommended (to windows users).

    Of course, you could also just encrypt your old mail file. How often do you go through mail from 1998 anyway?

    --
    This Sig is a mnemonic device designed to allow you to recognize this author in the future.