[arch-general] Suggestions for email for a paranoid Archer
Victor Silva
vfbsilva at gmail.com
Fri Oct 12 14:29:10 EDT 2012
2012/10/12 Menachem Moystoviz <moystovi at g.jct.ac.il>
> From the responses I've received, I gather the following:
> - Crypto is only going to get me so far, unless I can coerce all
> incoming email to use TLS
> - Until I have a steady income, my best bet is to use Google Apps for my
> domain
> and to download all incoming mail - probably deleting it from
> Google's servers while I'm doing it
> - Once I have a steady income, I can afford to pay for a VPS, on which
> it will be more likely
> that a mail server set up on it will be able to send and receive mail
>
> I really appreciate the help you guys gave. Thank you.
>
> Gesh
>
> P.S. I'm aware of the fact that, given a determined enough attacker
> with enough resources, anything is hackable.
> However, this does not, in my opinion, absolve us from our
> responsibility to try and secure our systems
> to the extent of our abilities
>
Even if you delete the messages right away there is a a chance someone can
recover it. By default most mail providers won`t really delete your
messages but put then in a queue to be deleted. This is used in the case
you loose a valuable email or so on. I work in a governmental company on
the mail infrastructure and by default we retain any mail for 45 days which
is vacations + a buffer in case someone deletes something and needs it when
coming back from vacations. Of course the mail won`t be on your inbox but
the goverment or google will be able to look on it upon request.
More information about the arch-general
mailing list