[TriLUG] transmitting secure emails
glcox at pobox.com
Tue Apr 6 01:51:39 EDT 2010
On Tue, Apr 6, 2010 at 1:12 AM, Chuck Peters <chuck.peters at gmail.com> wrote:
> I have setup TLS for our exim servers and that will transport the
> messages securely between servers, but that does not mean all messages
> are sent securly. I would think it is possible to require all SMTP
> traffic use TLS and send some bounce if it isn't transported securely.
Doesn't this sort of miss the larger point, though? The actual
delivery is sort of a boring academic/logistical discussion.
You lose control once you (pointer-finger or programatically) click
send. You're dropping the encrypted email on a far side MTA you don't
control, and then expecting (a) your encryption to hold up under
attack, (b) it to get delivered to the right person and only them, and
(c) to be able to verify any of this when something goes wrong. If
those are acceptable risks, then... well, it's an illusion of safety
worthy of the TSA.
If it's not acceptable, then you're back to the earlier mentioned
HIPPA-style security, a plain email saying "dude, come get yo crap
offa my server." Then you fall back on your own AAA implementation
and file delivery mechanism, whether that's https/sftp/carrierpigeons,
which, again, is academics.
More information about the TriLUG