Slashdot Mirror

← Back to Stories (view on slashdot.org)

Ask Slashdot: Secure, Yet Accessible E-mail Archive Storage?

Posted by timothy on from the now-where'd-I-put-that? dept.

New submitter mlts writes: As of now, I just leave E-mail in a 'received-2015' subfolder on my provider's server, adding a new folder yearly. With the rise of E-mail account intrusions (where even though I'm likely not a primary target, but it is a concern), what is a secure, but yet accessible way to archive E-mail? I'm far less worried about the FBI/NSA/Illuminati, as I am about having stuff divulged to all and sundry if a mass breach happens. A few alternative I've considered: 1) Running my own physical IMAP server. The server would run on a hypervisor (likely ESXi), have Dovecot limited to the VPN I use, and use other sane techniques to limit access. 2) Archive the E-mail files through a cloud provider, with a client encryption utility (EncFS, BoxCryptor, etc.) In this case, E-mail would be stored in a different file a week. 3) Move it to local storage on a virtual machine, and if access is needed, use LogMeIn or another remote access item to fire up Thunderbird to access it. What would be a recommended way to secure E-mail that sits around, for the long haul, but still have it accessible? Even if you're not specifically worried about it, keeping older email around on a provider's server opens you up to warrantless access by U.S. law enforcement officials.

12 of 74 comments (clear)

  1. pop3 to local machine, then backup by i.r.id10t · · Score: 5, Insightful

    Pull it down to your local machine either via pop3 or just moving messages from your imap inbox to a local folder.

    Then whenever you like, archive that off somewhere. You could even convert maildir format to mbox and then run something like mhonarc on it to make web pages of 'em all wtih indexes and such, and just archive off the HTML onto a CD/DVD/whatever.

    All that said, why are you keeping it all? I've kept all of my work related email for 18 years now (same employer) on my local machine. I've gone thru a few things more than a year old just for giggles, and one time I needed a license number that was locked up in a filing cabinet but didn't have my keys that day... But mostly an email that is 2 months old or older just isn't needed (by me, for my work, your needs probably vary).

    --
    Don't blame me, I voted for Kodos
    1. Re:pop3 to local machine, then backup by ShanghaiBill · · Score: 4, Interesting

      All that said, why are you keeping it all?

      A better question is "Why delete it?" Keeping it involves near zero effort and near zero cost. If deciding what to delete takes more than a few seconds, it is not cost effective. I have every email I have sent or received for the last 30 years (except for spam) and it fits in 10 cents worth of storage. Even if you count backups and redundant copies, it is under $1. My archive has come in handy many times, including helping a third party dismiss a $150,000 lawsuit from a patent troll by documenting prior art. That was worth $1.

    2. Re:pop3 to local machine, then backup by FrozenGeek · · Score: 2
      Personal email, I don't much care to keep. Business email, OTOH, is very useful. I use it as a paper trail. If I need to recall something, it's probably in my email. When a damager, um, sorry, manager, asks why I didn't do X (or why I did do X or, well, you get the idea) when in fact I did it, I usually just forward him the email I'd sent him N months ago detailing that his request is complete. Don't do that a lot, but every time I get to do it, it makes my week. Since corporate email servers are supposed to be secure, particularly from internal tampering, they are a good storage facility. That said, if the email is something that worries me, I archive it locally.

      I used to be the paranoid weirdo until Snowdon. Now I'm smarter than most.

      --
      linquendum tondere
  2. Local! by Sir+Holo · · Score: 4, Informative

    Back it up locally and encrypt the backup on an external drive.

    then, either lock that in a safe-deposit box, have a friend hold it, or hide it in some random but physically secure location. A fire-proof safe in your basement would work.

    It is the only way, if any still exists at all

    And yes, I like to have access to 1990's emails sometimes. Or need to. The world does not need to see them. BTW, law enforcement, under USA PATRIOT or CISA or some court ruling, do not need a warrant to read any email older than one year.

    1. Re:Local! by unrtst · · Score: 3, Interesting

      While I have not tried the following, I think it may be a pretty swell idea...

      * Use S/MIME encryption for your encryption
      * Setup a filter (could use fetchmail+procmail, or your email client's native filter stuff, or an external process in python/perl/whatever)
      * On new mail receipt, get copy of email, encrypt the body via S/MIME ("openssl cms"; man cms; don't use the misleadingly named "openssl smime"), and save back to the server in a different folder.
      * On all your email clients, just check that new folder only.

      There may be some fudging necessary either when encrypting or when reading the email, since the emails aren't from you, so the default client behavior of using the FROM address to determine the encryption key will not work. However, you could either alter the from to your own while filtering, and backup the real from to X-From:, and update your client to display the X-From instead of the From... or trick your client into treating the folder as a sent mail folder (sent encrypted emails get encrypted by your own cert and saved to your sent mail folder already... and reading those already works).

      While it may take a little bit of a kludge to get it working, once it works, it'd just work. All your emails would be separately stored on whatever IMAP server you like. You'd be able to read them via any client with S/MIME support (assuming you have your private key with you). FYI, there are browser plugins that make S/MIME work with some webmail providers too.

      All the other suggested solutions I've seen boil down to:
      * download to local computer
      * encrypt it somehow and make encrypted backups
      Those have many layers of things that are not easily accessible. I'd be more likely to go that route anyway (just fits the way I work already), but encrypting the messages within the IMAP server may be a nice solution for many other users.

  3. Using an Archive on a cloud provider... by Lab+Rat+Jason · · Score: 3, Informative

    ... is just INCREASING your attack surface, not reducing it! I'd go with the local backup if I were you.

    --
    Which has more power: the hammer, or the anvil?
  4. Run your own IMAP server by PvtVoid · · Score: 4, Insightful

    Get an email account with any domain provider, and set it up to forward to your private server. Read mail by connecting to an account on the private IMAP server. No need to run your own SMTP server; outgoing mail can be handled by your domain provider.

    Problem solved.

    1. Re:Run your own IMAP server by PvtVoid · · Score: 2

      And I'm sure your domain provider is happy to pass a copy over to the NSA.

      It's pretty hard to send a fucking email without using the network, but luckily that's not the threat model being discussed. If you want to keep email secure from network surveillance, you encrypt it. If you want to reduce vulnerability to a storage breach, you store it locally.

  5. Hillary is that you? by stevegee58 · · Score: 3, Funny

    Or your new IT guy?

  6. My "solution" by Anonymous Coward · · Score: 4, Informative

    My ISP (Comcast) won't allow me to run a fully functional mail server due to so many ports being blocked so I host my domain/mx record at Google for your Domain (got a free account way back when). I then have Thunderbird running 24/7 alongside my home mail server, automatically sucking down new mail from my gmail account and putting them in the inbox of my own server. I still have to periodically go and delete all mail on gmail because I've not figured out how to automatically & permanently delete them (or sent mail) from an IMAP client. I also use Google's servers as a smart host for outbound mail, so when an email client it setup to send/receive mail to my server, it all works, just on alternate ports. TLS all around.

    So.... there's a limited amount of my email sitting in gmail trash at any given moment, while I have access to all of my email on my own server via imap on all of my devices.

    It was the best I could come up with on my very low budget. I do it less from a fear of google/government snooping (though that bothers me) than from a fear of hackers getting into my gmail account. My own server is a much smaller and more obscure target...

  7. The Only Safe Place by TheAngryCat · · Score: 2

    Is locked away in your home or in a secure place at your place of work. Everyone so far is telling you the obvious, nothing is safe or secure in the cloud.

  8. Thunderbird Local Folder by corychristison · · Score: 2

    I personally store archives emails in a local folder in Thunderbird on my primary workstation.

    I then have it backup regularly to a secondary ("backup") drive installed in the system.

    From there I have the backup drive encrypt and sync to a backup server (in a vm on a dedicated box) I have in a datacenter for disaster recovery.

    Thunderbird automatically creates an Archives folder, with sub-folders of each year, when you use the "Archive" button.

    Works for me. YMMV.