I am not available for this (also not qualified)... but I would just like to suggest that no matter how scientifically you "shred" some data, when someone enters a command to delete a certain message, you might want to also, periodically (like, maybe daily or weekly) copy the "mailbox" (messages that have NOT been deleted / shredded) to a physically different drive, and then do some kind of very thorough erasure (like, the low-level formatting type of thing -- maybe even also use some strong magnets nearby... etc.) and over-writing of the data on the old media. (or - - -maybe even physically shred the metal and disk drive media surfaces) (if you can afford to buy new ones every so often) Just a suggestion, because it sounds like it is really important for the "ghost images" of erstwhile e-mail messages, to never fall in to the wrong hands. -- Mike Schwartz Glendale AZ schwartz@acm.org Mike.L.Schwartz@gmail.com On 10/5/06, George Toft wrote: > > Anyone up to the task of changing the source? This is a for-pay > project, and if you can deliver, I can put it in the proposal. > > George Toft, CISSP, MSIS > 623-203-1760 > > "That which does not kill us makes us stronger." > > > > Eric "Shubes" wrote: > > George Toft wrote: > > > >>Requirements: > >>1. Deleted files (say, qmail messages after pickup) are shredded upon > >>deletion. Immediately upon delete. Since an application is performing > >>the delete, I must assume "rm" is not being issued, so I can't > >>substitute "shred" in its place. > >> > >>2. Files owned by vpopmail:vchkpw can only be read by said user:group - > >>this includes root. We need to lock root (and every other user) out of > >>the messages. > >> > >>3. Encrypted file system to defend against physical theft. > >> > >> > >>#3 is easy. > >> > >>#2 sounds like a job for SELinux. Alternatives are welcome :) > >> > >>What about #1? Any ideas? > >> > > > > Change the source and rebuild? Should be fairly easy with qmail as it's > > distributed as source. Other applications might not be as easy. > > > --------------------------------------------------- > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > To subscribe, unsubscribe, or to change you mail settings: > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss >