search

mail-in-a-box / mailinabox

Mail-in-a-Box helps individuals take back control of their email by defining a one-click, easy-to-deploy SMTP+everything else server: a mail server in a box.
https://mailinabox.email/
Creative Commons Zero v1.0 Universal
13.76k stars 1.43k forks source link

Revision-proof email archiving #2031

Open JPustkuchen opened 2 years ago

JPustkuchen commented 2 years ago

Hi all and thank you very much for this great project!

This is more a question / discussion than an issue or feature request.

As described in https://www.it-recht-kanzlei.de/recht-archivierung-email.html it's a law enforcement in Germany (I'm unsure if also in the whole EU or other EU countries) to archive eMails revision-safe.

Tools like open source https://www.mailpiler.org/ or the commercial https://www.mailstore.com/ solve this as separate software, but it would be very helpful for searching the archive to have an all-in-one solution.

Is this a possible topic for the future of mail-in-a-box or completely out of focus? At least in Germany it's relevant for all companies.

Thank you very much for your hard work in this project.

JoshData commented 2 years ago

If this is a requirement for deploying any mail server in Germany or by a German entity, then it can be in scope for this project.

JPustkuchen commented 2 years ago

@JoshData thank you very much!

No it's a bit different. You may run any mail server but as company you have to archive all "Business letter" eMails which are relevant for taxing or other fiscal reasons. So in the result this leads to the requirement to revision-proof archive all eMails at least to tax relevant eMail addresses live "invoice@" or "info@".

Here's a further article about it, I sadly didn't find an english version, perhaps you can use a translator? https://www.d-velop.de/blog/compliance/e-mail-archivierung-gesetz/

Update: Here's an english article: https://www.mailstore.com/en/blog/2018/01/25/what-is-email-archiving/

DerBunteBall commented 2 years ago

Hi

I recommend using the MailStore solution:

  1. It's really complicated to make this safe. So you need to verify to comply to some things that the regulations enforces. It would take much time to make this safe.
  2. Mailpiler is a solution for this. For me it's a bit unflexible.
  3. MailStore Server depends on Windows. That's in general bad. But it's the best way to have an external managment I actually know. MailStore Server gives different access possibiliteis. So you can access with IMAP and have full-text search. You need no changes to the mailserver itself. Organize your mail on the MIAB and archive the wanted one via IMAP. There are Outlook extensions and Web UI for access available. Keep in mind: You don't want to archive crap and DSGVO related stuff that don't need to be archived. So it's really important to have a mailserver that does what it should do. Also the filtering and managment of mail gets important there.
  4. The sending in MailStore situation is managed with relaying.
  5. You have better possibilites to backup the archive. So you could use the Mailstore Backup Mechanism combined with BorgBackup.

Best Regards