I'm looking into setting up a mail server (running Ubuntu, of course), but I need it to run reliably (in case it's good enough to start using it instead of only Gmail), so I found a VPS provider that seems trustworthy and that uses KVM, instead of my Ubuntu server at home. I want my mails to be stored safely and encrypted, as a precaution (though I know it won't protect against some hacker accessing it while it's still running). This is easily done by using Encfs (provided I log in and decrypt it after boot).
While doing research on running a mail server in a VPS, I learned that the provider (or a hacker) is always able to read what my VPS is doing. It was claimed (second paragraph) this is very easy to do if you're using OpenVZ, but if my provider (or more likely, if at all, a hacker) wanted to do the same with a KVM or Xen VM, (s)he would need to reboot my VM. However, I couldn't find more information about this.
My question: If someone had access to my KVM VM and wanted to go through the data on my VM, what could that person read? For example, would that person just get a copy of my VM in an unbooted state, so therefore with the encrypted Encfs folder still locked when booted if they don't know my encryption password? Or could they access a running VM with the Encfs folder that I decrypted? (I hope my question makes sense.)
I know my provider or a hacker wouldn't be very interested in reading my e-mail, but better safe than sorry. GPG isn't that widely used yet.