For an Microsoft Exchange server, is it possible to encrypt the email database such that the sysadmin cannot see the emails?
In other words, the admin would be responsible for all aspects of running the Windows server and Exchange process, but would not be able to see the contents of any one email (except those sent to him, obviously). Only another individual (e.g. company owner) would be able to see all emails contained in the database.
Best Answer
The "supported" answer to what you're looking for involves using a public key infrastructure (PKI) and using the built-in encryption and digital signature functionality in Microsoft Outlook to encrypt/sign messages "client side". Anyone on the Internet sending you messages would need to encrypt email they're sending to you.
This is strictly a client-side issue. There are no mechanisms in current versions of Exchange to handle encryption of email server-side.