Hi. I am on a dedicated server. It has domains. Each domain has email addresses. From what I understand the root account can access all the mbox files, i.e., all emails.
Is there a way to prevent even root access to emails? For example some MD5 kind of encryption (or even better) that will allow me to block myself as the root user, to give my customers the satisfaction that I will never see their email?
What are my options? Thanks for any thoughts or pointers!
Emails are inherently insecure - they are transmitted and stored as plain text. The only way I know of is for your users to use encryption for sending/receiving (PGP or similar); that way, only they will have their private key to decrypt.
As root, I can't think of a way of not having read/write access to the mail.
I think you've already got your answer, you just don't like it. Encrypting requires work on the part of your users, and work on your part to figure out how to tell them how to do it.
Cut to the chase and forget the idea. You're root, you have access. So does their ISP, and the ISP of whoever sends it. Along with the company that handles your server location. And so on.
If they are 'users' and don't want email read, don't send it. If they don't want it read by 'you' then either trust you or don't send it through your systems.
I've never had this asked by my users. If they did, I'd blow them off - I don't read your emails and that's the end of the story. Take it or leave it. And you shouldn't be trying to build this up in their minds either. Tell them you don't read the emails and be done with it. If they complain, tell them that's all you're going to do about it.