Juergen Dollinger writes:
We tried encrypted lists some years ago. Have a look at http://non-gnu.uvt.nl/mailman-pgp-smime/
Thank you for describing your experience! The people side is always hard. I'm not unhopeful though, but it's going to take work, especially good design.
The idea is that there is a key for the list, the server decrypts the E-mails and encrypts it for the recipients who have supplied a key. Worked fine with that old version of Mailman 20 years ago.
That's exactly how I would do it, except you wouldn't receive posts until you submitted a key. Having half the copies vulnerable on-the-wire and on-disk would not fill me with warm fuzzy feelings. :-)
I think this could be fairly useful in environments where people are paranoid enough to leave the mail encrypted on disk. But even the DV case that I mentioned -- would it stay encrypted for long if a few of the abusers discovered its existence? It would only take one!
But even in our quite nerdy environment only about the half of the subscribers submitted a key for the list. (excuses are like 'I want to use grep(1) for fulltext search in my list E-mails')
Today I don't think that excuse would fly, machines are fast enough that few email bodies would take noticable time to decrypt, and languages like Python and Perl provide very high quality email processing libraries. p-grep-p would be written real fast, and it would work fast too.
Steve