[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: laptop & mails archive security
- To: misc_(_at_)_openbsd_(_dot_)_org
- Subject: Re: laptop & mails archive security
- From: Laurence Tratt <laurie_(_at_)_tratt_(_dot_)_net>
- Date: Mon, 30 Aug 2004 19:31:22 +0100
- Mail-followup-to: misc_(_at_)_openbsd_(_dot_)_org
On Mon, Aug 30, 2004 at 02:24:29PM +0200, Ed White wrote:
> I know that some developers work with a laptop and so I hope that someone
> might have a good suggestion to share.
> I have a powerfull home computer (amd64) and a modern laptop (centrino).
> At the moment I'm using a RAID setup on my amd64, however this means that I
> can checkout mails only at home. I'd like to move all my mail setup (archive,
> config, accounts) to my laptop so that I'll be able to chekout new mails when
> I travel and browse my archive.
> Until today I've never done it because I fear these problems:
> 1 - laptop get stolen
> --- mail archive can be read by the thief
> --- mail accounts are valid until I change passwords & C
> 2 - laptop HD fails
> --- mail archive can be partially lost (diff from the last backup)
> 3 - SMTP and POP3 security
> --- I don't know the status of the network I'm using (hotel,airport,...)
> Is there a good solution ?
You have several overlapping concerns here. Here's one possible solution;
other posters have given other examples.
1) can be solved by using an encrypted filesystem [have a look at vnconfig
for example and ].
2) is solved by making sure your laptop isn't the sole source of your mails.
I would suggest using offlineimap (which is in ports) to synchronise your
mail against a central server. This allows you to have multiple "checkouts"
of your mail on different machine, all updated and kept in sync in a pleasant
way. I have my mail checked out this way on 3 or 4 different machines.
3) tunnel offlineimap over ssh. [I use Courier-IMAP as my server, but that's
not a significant detail - most servers will allow SSL and / or SSH
tunneling without any problems.]
Visit your host, monkey.org