Encrypt local mail folders and the desktop search index
I'm using TrueCrypt to encrypt all kind of files on my computer (and on all external harddrives and most USB thumbdrives) for quite some time now and I really like it. On the PC I have a set of data I want to have encrypted but that I always need, so I've configured it to automatically mount it as X:\ after login (that is, I just have to enter my password, hit enter and forget about it). One of this kind of data is the web browser bookmarks, history and cache. Luckily Firefox allows you to store the profile wherever you want, so I simply store it on that virtual drive X mentioned before.
Desktop Search is very useful (be it Google Desktop or Microsoft Desktop Search or whatever). However, what's the point of encrypting files when they're full-text indexed to some unencrypted location anyway. Hence I want this index to be stored on that encrypted drive X too.
- Issue: The Windows Desktop Search service starts before I can enter the password and mount X. If it can't access the index, it automatically starts generating a new index at the default (and unencrypted) location. So I need some way of delaying the service start.
In addition I also want my local mail folder encrypted on X. Similar to Firefox, the Mozilla email client Thunderbird allows my to store the profile wherever I want, so I chose to store it directly on X. However, I also use Outlook 2007, and there it's not that simple:
- Issue: While Outlook 2007 allows you to store the main post folder wherever you want, for some yet unknown reason you can't move IMAP or Exchange data folders.
Luckily there is a workaround for both issues, although it's not trivial and involves some coding. Here's what I did, let me know if you have a better solution (the NTFS built-in encryption is no option for me), or if you're interested in the code:
- Change the Search Index Service to start manually (instead of automatically)
- Write a small Windows service that starts automatically and checks all few seconds whether X is mounted. If it is, it stops further checking and starts the Search Index Service.
- Move all files from the outlook data folder (something like Documents and Settings..\Local Settings\Application Data\Microsoft\Office) to a new folder in X and delete this Outlook folder
- Have the small Windows service (from point 2) create an NTFS Junction (aka symlink) in place of the just deleted Outlook folder, and point it to the new directory in X, as soon as X is mounted; and remove this junction again once the service stops. This makes Outlook 2007 think the files are still where it expects it, but in reality they're on X instead.