Free Encryption Backup

by Fernando

Google's choice of 1 GB of space started a chain reaction throughout free email providers.

The following is a list of email providers that have bumped up their user quotas to compete with Gmail:

• Spymac  spymac.com  (1 GB)
• Rediff  rediff.com  (1 GB)
• Hotmail  hotmail.com  (250 MB)
• Yahoo! Mail  mail.yahoo.com  (100 MB)

As time goes on, I am sure that this list is going to continue to grow, but already (assuming you only use one account per provider), you have almost 4 GB of free remote storage at your fingertips.

Given approximately 30 kB per email message, this is enough storage to backup 139,810 email messages!

But do you really trust these email providers with your personal emails?

What if Spymac was to go bankrupt and sell their storage hard drives on eBay?  What if a new Hotmail flaw allows access to any inbox without a password?

The following is a simple method to encrypt your mailbox with AES-256 encryption, backup up your mail securely and automatically to these huge free storage facilities.

MCrypt encrypts files using the libmcrypt libraries.

To install MCrypt, if you are on Debian, simply type: apt-get install mcrypt

If you are on FreeBSD, simply type: cd /usr/ports/security/mcrypt; make install clean

If you need to compile it from source, you will also need to install Mhash (mhash.sf.net).

All three of the packages (Mhash, libmcrypt, and MCrypt - installed in that order) only need ./configure; make all install to install under Mac OS X with developer tools installed.

You need MCrypt installed on your mail server, but you can keep it installed as an unprivileged user if your sysadmin won't install it for you.

In your home directory, create a file called .mcryptrc which has the following lines:

key somepassword algorithm rijndael-256

In most UNIX-based systems, your inbox is kept in either ~/mbox, /var/mail/username, or /var/spool/mail/username.

If all you want to do is keep your inbox, figure out which one it is and use the following commands to compress, encrypt, and then mail yourself a copy of your mailbox:

#!/bin/bash mbox='/var/mail/username' backupaddress='someaddress@gmail.com' tar -pcj $mbox | mcrypt -q -c ~/.mcryptrc > ~/mail.`date +%m.%d.%y`.tar.bz2.nc echo | mutt -a ~/mail.`date +%m.%d.%y`.tar.bz2.nc -s "Mail backup for `date +%m/%d/%y`" $backupaddress rm -f ~/mail.`date +%m.%d.%y`.tar.bz2.nc

Now you can easily make this into a shell script and run it every week as a cron job.

You can also make different scripts with different free email accounts to distribute your mail for redundancy or send your mail to different accounts every week to stretch out the capacity of those 4 GB.

If you ever need to decrypt your mail backup, all you would have to do is download it and run: mcrypt -d somefile.tar.bz2.nc

It will ask you for your password and you type whatever you have in your .mcryptrc file.

Then you type tar xfj somefile.tar.bz2 and you now have your mailbox back.

Of course, you can use this technique for any type of files, not just mail backups, but having accidentally deleted all of my email in the past, I wanted to setup a reliable system where I could never lose my information again and not have to burn CDs every week.

If your backup file gets too big (more than 50 MB or so), the command split -b 50m somefile.tar.bz2.nc will split your file into 50 MB chunks which can then be emailed and put back together again later.

Hope this proves useful.

There are other systems out there (ilia.ws/archives/15_Gmail_as_an_online_backup_system.html) that can allow Gmail to act more like a backup system, but this way of thinking about mail allows for more security and flexibility.

Props to Madeline for putting up with me and Hexwizard for always being there.