tl;dr: This system has some additional protections, but also some of the same weaknesses as a typical workstation email setup. Understand the below conversation in that context.
tl;dr: This system has some additional protections, but also some of the same weaknesses as a typical workstation email setup. Understand the below conversation in that context.
...
@@ -29,6 +30,8 @@ If targeting a user on the *local* system, there is nothing to reject it there.
...
@@ -29,6 +30,8 @@ If targeting a user on the *local* system, there is nothing to reject it there.
Just blocking these messages outright will break some mail setups. Basically, the summary is: you probably don't want to have untrusted users on your local system.
Just blocking these messages outright will break some mail setups. Basically, the summary is: you probably don't want to have untrusted users on your local system.
There is an esoteric case where the From: line contains multiple addresses. See the conversation on the [mailing lists](mailing-lists) page for more.
# On-disk encryption
# On-disk encryption
NNCP protects the messages while in transit. At the sending and destination servers, however, they may be stored in plaintext in places like the Exim queue and user's home directories. This is the same as with typical mail systems, since this IS a typical mail system, just with different transport. If this is an issue for you, storing the `/persist` volume on a LUKS-encrypted filesystem may be a good plan, or you can use OpenPGP or other encryption.
NNCP protects the messages while in transit. At the sending and destination servers, however, they may be stored in plaintext in places like the Exim queue and user's home directories. This is the same as with typical mail systems, since this IS a typical mail system, just with different transport. If this is an issue for you, storing the `/persist` volume on a LUKS-encrypted filesystem may be a good plan, or you can use OpenPGP or other encryption.
