Solved

How to secure an email account in a shared hosting environment

Posted on 2013-01-18
8
430 Views
Last Modified: 2013-01-22
What is the best way to secure an email account so that even the systems administrator cannot read a user's email?

Here is the scenario I am facing:

I am the site administrator for a domain that is hosted in a shared Linux / Apache / Cpanel environment managed by site5.com.  One of the email accounts for the domain I manage is used to send / receive confidential information that even I should not have access to.  Since I am the site administrator, I have full access to the system, so I can get in and view the files used to store the email messages.  Basically, I have the ability to snoop on other users if I want to.

Is there any way that this sensitive email account can be secured so that even I cannot view the emails if I desire?

Thanks.
0
Comment
Question by:jbaird123
  • 2
  • 2
  • 2
  • +2
8 Comments
 
LVL 33

Expert Comment

by:Dave Howe
ID: 38793819
Not as such, no. at the worst case, if you were completely locked out of the email box, the email still has to get INTO that box, so you could intercept the mail in transit and take a copy at that point.

However, there are multiple good solutions for email encryption out there - it would be down to the user and his correspondents to use that securely though, and its hard going for most users.

there are two major standards for encrypted mail - s/mime (uses x509 certificates, usually uses the openssl libraries) and openpgp (uses a similar hybrid solution - commonly implemented using gnupg)

many thick client solutions come bundled with s/mime support - in fact, lacking it is the exception rather than the rule. openpgp support is less common, but there are plugins for many major thick clients (such as thunderbird)

webmail is not commonly associated with either. horde imp supports s/mime, squirrelmail has a gpg plugin, and there are browser plugins to add support to popular solutions, but that is no better than a thick client really.

Email itself however is rarely secure; even SMTPS is rare in the real world, with most email being sent unencrypted. If I really had to remove temptation, I would therefore implement a fully local solution, using a webserver, encryption (asymmetric), user logins, and so forth. while nothing can prevent later modification of such a system to allow access, It would at least be secure until tampered with (I would have suggested the hushmail approach there but given the twin and fatal flaws of
a) the current security problems with java and
b) that hushmail have been guilty in the past of deliberately compromising the security of users on receipt of an american court order,
That probably wouldn't go down too well :)
0
 
LVL 11

Accepted Solution

by:
RedLondon earned 500 total points
ID: 38794028
Do the communications need to be via email?

I can send a message to my bank using its "secure messaging" service that is visible only after I log into my internet banking account.  

When they reply, I get an email to tell me that they've replied, and to see their message, I should log into my internet banking account again.  

Your confidential information could be transmitted in a similar system, with notifications that the messages are there ready and waiting for the right eyes to log in and see them.  I've never used it, but there's one called Kana that I found with a quick search - you could use their page to explain better to your customer what happens.

If you just want to remove your ability to see the messages, you could instead change the domain's MX records so that email doesn't pass through the cPanel server at all, and use an email system like either Fastmail or Google Apps - but that just means that some other admin somewhere else could look at the email if they so wished.
0
 
LVL 8

Expert Comment

by:R_Edwards
ID: 38794198
Have you tried calling site5 and explain your concern?  as the above experts stated, anyone that has physical access to the server will be able to gain access.  I am sure that your hosting company can assist you.  good luck
0
 
LVL 32

Expert Comment

by:aleghart
ID: 38799281
The service provider would just tell you to get free or paid email certain to encrypt the message traffic.  Even if SMTP is transmitted plain-text over port 25, the contents are already encrypted.

Users need to trade keys first.  So the first messages between users will be in the clear.  After that, it's up to the users to use a mail client that supports encryption.

For other mail that is not user-to-user, you should contact the third party.  Banks and insurance companies will have their own message systems that email alerts for you to login.
But, at some point, you must trust your admin...or find a new service.  What would stop an admin from generating and intercepting a password reset?  Or getting the link from a cert provider to download your email encryption key?
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 

Author Closing Comment

by:jbaird123
ID: 38801123
I decided that the easiest solution with the greatest flexibility would be to simply use Google Apps.  This works because I am able to make the person who needs the confidential email the only administrator.  

This solution is easier than the others because it does not require that the user implement encryption.
0
 
LVL 33

Expert Comment

by:Dave Howe
ID: 38804352
That should be ok, just bear in mind that the administrators at Google Apps can (and will, if given a court order by an American court) give the lot to whomever is holding the court order.
0
 

Author Comment

by:jbaird123
ID: 38805507
Thanks, Dave.
0
 
LVL 32

Expert Comment

by:aleghart
ID: 38805890
Does not require a court order any more.  NSL will do it without any oversight, and the ISP is threatened to not disclose the letter even exists.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo…
This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now