Chapter 8. Protecting Email

Email is a terrific medium for communication, but it's neither private nor secure. For example, did you know that:

  • Each message you send may pass through many other machines en route to its intended recipient?

  • Even on the recipient's computer, other users (particularly superusers) can conceivably read your messages as they sit on disk?

  • Messages traveling over a traditional POP or IMAP connection can be captured and read in transit by third parties?

In this chapter, we provide recipes to secure different segments of the email trail:

From sender to recipient

Secure your email messages, using encryption and signing

Between mail client and mail server

Protect your mail session, using secure IMAP, secure POP, or tunneling

At the mail server

Avoid exposing a public mail server, using fetchmail or SMTP authentication

We assume that you have already created a GnuPG key pair (private and public) on your GnuPG keyring, a prerequisite for many recipes in this chapter. [Recipe 7.6]

    Chapter 9. Testing and Monitoring