Solved

How to secure an email account in a shared hosting environment

Posted on 2013-01-18
8
446 Views
Last Modified: 2013-01-22
What is the best way to secure an email account so that even the systems administrator cannot read a user's email?

Here is the scenario I am facing:

I am the site administrator for a domain that is hosted in a shared Linux / Apache / Cpanel environment managed by site5.com.  One of the email accounts for the domain I manage is used to send / receive confidential information that even I should not have access to.  Since I am the site administrator, I have full access to the system, so I can get in and view the files used to store the email messages.  Basically, I have the ability to snoop on other users if I want to.

Is there any way that this sensitive email account can be secured so that even I cannot view the emails if I desire?

Thanks.
0
Comment
Question by:jbaird123
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
  • +2
8 Comments
 
LVL 33

Expert Comment

by:Dave Howe
ID: 38793819
Not as such, no. at the worst case, if you were completely locked out of the email box, the email still has to get INTO that box, so you could intercept the mail in transit and take a copy at that point.

However, there are multiple good solutions for email encryption out there - it would be down to the user and his correspondents to use that securely though, and its hard going for most users.

there are two major standards for encrypted mail - s/mime (uses x509 certificates, usually uses the openssl libraries) and openpgp (uses a similar hybrid solution - commonly implemented using gnupg)

many thick client solutions come bundled with s/mime support - in fact, lacking it is the exception rather than the rule. openpgp support is less common, but there are plugins for many major thick clients (such as thunderbird)

webmail is not commonly associated with either. horde imp supports s/mime, squirrelmail has a gpg plugin, and there are browser plugins to add support to popular solutions, but that is no better than a thick client really.

Email itself however is rarely secure; even SMTPS is rare in the real world, with most email being sent unencrypted. If I really had to remove temptation, I would therefore implement a fully local solution, using a webserver, encryption (asymmetric), user logins, and so forth. while nothing can prevent later modification of such a system to allow access, It would at least be secure until tampered with (I would have suggested the hushmail approach there but given the twin and fatal flaws of
a) the current security problems with java and
b) that hushmail have been guilty in the past of deliberately compromising the security of users on receipt of an american court order,
That probably wouldn't go down too well :)
0
 
LVL 11

Accepted Solution

by:
RedLondon earned 500 total points
ID: 38794028
Do the communications need to be via email?

I can send a message to my bank using its "secure messaging" service that is visible only after I log into my internet banking account.  

When they reply, I get an email to tell me that they've replied, and to see their message, I should log into my internet banking account again.  

Your confidential information could be transmitted in a similar system, with notifications that the messages are there ready and waiting for the right eyes to log in and see them.  I've never used it, but there's one called Kana that I found with a quick search - you could use their page to explain better to your customer what happens.

If you just want to remove your ability to see the messages, you could instead change the domain's MX records so that email doesn't pass through the cPanel server at all, and use an email system like either Fastmail or Google Apps - but that just means that some other admin somewhere else could look at the email if they so wished.
0
 
LVL 8

Expert Comment

by:R_Edwards
ID: 38794198
Have you tried calling site5 and explain your concern?  as the above experts stated, anyone that has physical access to the server will be able to gain access.  I am sure that your hosting company can assist you.  good luck
0
Simple, centralized multimedia control

Watch and learn to see how ATEN provided an easy and effective way for three jointly-owned pubs to control the 60 televisions located across their three venues utilizing the ATEN Control System, Modular Matrix Switch and HDBaseT extenders.

 
LVL 32

Expert Comment

by:aleghart
ID: 38799281
The service provider would just tell you to get free or paid email certain to encrypt the message traffic.  Even if SMTP is transmitted plain-text over port 25, the contents are already encrypted.

Users need to trade keys first.  So the first messages between users will be in the clear.  After that, it's up to the users to use a mail client that supports encryption.

For other mail that is not user-to-user, you should contact the third party.  Banks and insurance companies will have their own message systems that email alerts for you to login.
But, at some point, you must trust your admin...or find a new service.  What would stop an admin from generating and intercepting a password reset?  Or getting the link from a cert provider to download your email encryption key?
0
 

Author Closing Comment

by:jbaird123
ID: 38801123
I decided that the easiest solution with the greatest flexibility would be to simply use Google Apps.  This works because I am able to make the person who needs the confidential email the only administrator.  

This solution is easier than the others because it does not require that the user implement encryption.
0
 
LVL 33

Expert Comment

by:Dave Howe
ID: 38804352
That should be ok, just bear in mind that the administrators at Google Apps can (and will, if given a court order by an American court) give the lot to whomever is holding the court order.
0
 

Author Comment

by:jbaird123
ID: 38805507
Thanks, Dave.
0
 
LVL 32

Expert Comment

by:aleghart
ID: 38805890
Does not require a court order any more.  NSL will do it without any oversight, and the ISP is threatened to not disclose the letter even exists.
0

Featured Post

Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Liquid Web and Plesk discuss how to simplify server management with a single tool  in their webinar.
In this blog we highlight approaches to managed security as a service.  We also look into ConnectWise’s value in aiding MSPs’ security management and indicate why critical alerting is a necessary integration.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

695 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question