Mac users, the following outlines how you can store your Entourage 2008 and Apple Mail content wherever you want, including on an encrypted volume. Both Entourage and Mail seem to be fixed with the locations in which they store their data. Typically if you move the files that Entourage needs to another location, it just creates new blank ones the next time Entourage is started. The same is true for Mail. And if an attacker were to steal your laptop, because the mailstores for Entourage and Mail are not encrypted or password protected, should an attacker get copies of your local mailstore they will be able to read the content and messages stored there.

The mailstore is the local copy of your mail. Similar to the .pst and .ost files under Windows, the Mac Entourage 2008 client stores email in a directory at “/Users/Your_ID/Documents/Microsoft User Data/Office 2008 Identities/Your_Profile” and the Mail app stores it’s mail in “/Users/Your_ID/Library/Mail/.” Other email clients such as Thunderbird will put their mail and profiles in the directories you specify during the setup.

Snow Leopard provides the ability to encrypt your home directory through the use of FileVault. However this poses several problems

• Provides protection when the computer is off, but if your laptop is stolen when running, your user directory has already been decrypted and is available
• Time Machine will not work as designed; It will not be able to backup individual files in your user directory, only the entire FileVault volume. As a result, even if only one minor change is made to a file that is not sensitive, the entire volume is backed up
• Other backup utilities may behave differently than Time Machine, leading to inconsistency in backups or potential data leaks

A solution is to use separate encrypted drives for different purposes. This allows you to

• Have more granularity on what gets encrypted
• Mount, use, and unmount sensitive content only when needed
• Use different passwords for different drives
• Have portable, encrypted content

Using Encryption with the Microsoft Entourage 2008 Mailstore in Snow Leopard

How To Encrypt the Microsoft Entourage 2008 Mailstore in Snow Leopard

After a lot of trial and error I found the following steps to work.

1. Make sure Entourage is not running and you have a current backup
2. Do a Get Info on /Users/Your_ID/Documents/Microsoft User Data to see how large your current data directory is
3. Open Disk Utility found in /Applications/Utilities
4. In Disk Utility, click New Image
5. Name the image “EntourageMailstore”
6. Select 256-bit encryption and read/write for the format, and make it about twice as large as the size of your current Microsoft User Data directory
7. Save the image somewhere in your home directory
8. Double-click the image to mount the drive; it should appear on your Desktop
9. If the drive shows as “Untitled” rename it to “EntourageMailstore”
10. Copy the contents of /Users/Your_ID/Documents/Microsoft User Data/ to the new drive
11. Rename the folder /Users/Your_ID/Documents/Microsoft User Data to /Users/Your_ID/Documents/Microsoft User Data_OFF
12. Create an alias of the “EntourageMailstore” drive on your Desktop
13. Rename the alias to “Microsoft User Data”
14. Move the alias to /Users/Your_ID/Documents
15. Eject the “EntourageMailstore” drive

You should now have a copy of your Microsoft User Data contents on an encrypted drive, a copy of your original folder called Microsoft User Data_OFF, and an alias called Microsoft User Data in /Users/Your_ID/Documents

Note that the following did not work with the Entourage mailstore

• TrueCrypt Volumes: I rely on TrueCrypt every day on Mac and PCs. For whatever reason, Entourage just could not keep it together on a TrueCrypt volume. Every time the Microsoft Database Daemon would quit, Entourage would lose any and all notion of where the profile identity was
• Sym links: a symlink works when a drive is mounted but will not trigger a disk image to mount automatically. It will also break if you move the .dmg file whereas an alias will not
• Defined mount points in /etc/fstab: I mapped drives to mount points in the filesystem but had the same issues as with sym links
• Mapping just the identity folder: I had to do the entire Microsoft User Data directory

How To Use The Encrypted Microsoft Entourage 2008 Mailstore in Snow Leopard

1. Launch Entourage
2. If you have a current profile, it’s likely that Entourage will not be able to use it right away. I had varying results. The first time i tried it i had to create a new identity (you can either import data from your old one or just leave it empty.) Once that was done I was able to go to Entourage > Switch Identity… and the pick my previous identity. If this doesn’t work for you, try importing data from your old profile into your new one. When I did this, I had to choose Entourage 2004 as the source format even though the content was from a 2008 version.
3. Use Entourage as usual. Content will be written to the EntourageMailstore drive.

Because of the alias, Entourage will try to open the content on the encrypted drive whenever you start it. It’s a .dmg image so your Mac will automatically try to mount the drive when you need it. You’ll be prompted to enter the password for the drive, and then Entourage will launch and write to the encrypted volume.

If you want the drive to be unmounted when you close Entourage, you can write an Automator service to help. You cannot just quit and eject or force eject the drive as the Entourage Database Daemon still has files open on the drive. The Automator service you write needs to save and quit Entourage, explicitly quit the Microsoft Database Daemon, and then gets and ejects the EntourageMailstore drive. Set the dropdown settings in the top to “no input” and “Entourage.” Save the service as “QuitEntourage.” It will show up as a service when you’re in the Entourage app.

You should confirm that when the EntourageMailstore drive is mounted, Time Machine or other backup utilities are not backing it up. If you want backups of your mail, check to make sure that your EntourageMailstore.dmg file is being backed up.

Using Encryption with the Apple Mail Mailstore in Snow Leopard

How To Encrypt the Apple Mail Mailstore in Snow Leopard

1. Make sure Mail is not running and you have a current backup
2. Do a Get Info on /Users/Your_ID/Library/Mail/ to see how large your current Mail directory is
3. Open Disk Utility found in /Applications/Utilities
4. In Disk Utility, click New Image
5. Name the image “AppleMailMailstore”
6. Select 256-bit encryption and read/write for the format, and make it about twice as large as the size of your current Mail directory
7. Save the image somewhere in your home directory
8. Double-click the image to mount the drive; it should appear on your Desktop
9. If the drive shows as “Untitled” rename it to “AppleMailMailstore”
10. Copy the contents of /Users/Your_ID/Library/Mail/ to the new drive
11. Rename the folder /Users/Your_ID/Library/Mail to /Users/Your_ID/Library/Mail_OFF
12. Create an alias of the “AppleMailMailstore” drive on your Desktop
13. Rename the alias to “Mail”
14. Move the alias to /Users/Your_ID/Library/
15. Eject the “AppleMailMailstore” drive

You should now have a copy of your Mail contents on an encrypted drive, a copy of your original folder called Mail_OFF, and an alias called Mail in /Users/Your_ID/Library/

How To Use The Encrypted Apple Mail Mailstore in Snow Leopard

1. Launch the Mail app

That’s it. Because of the alias, Mail will try to open the content on the encrypted drive. It’s a .dmg image so your Mac will automatically try to mount the drive now that you need it. You’ll be prompted to enter the password for the drive, and then Mail will launch and write to the encrypted volume.

If you want the drive to be unmounted when you close Mail, you can write an Automator service that quits Mail, gets the AppleMailMailstore drive in the Finder, and ejects it. Set the drop-down settings in the top to “no input” and “Mail.” Save the service as “QuitMail.” It will show up as a service when you’re in the Mail app.
You should confirm that when the AppleMailMailstore drive is mounted, Time Machine or other backup utilities are not backing it up. If you want backups of your mail, check to make sure that your AppleMailMailstore.dmg file is being backed up.

Related Posts:

• Jailbreaking iPhones Now Legal?
• MyKeePass Upload on iPad Fixed?