So maybe this needs a multi-phase approach. 1)The mail programs themselves will encrypt between servers. This can be used to both protect the message(s) from being read (easily). Does PGP also assist by doing some compression?. Also it can be used to autheticate messages using a signiture which will have the dual purpose of providing some tamper proofing. 2)The receiving mail-server will autheticate the incoming message against its own list of known servers, and validate that the contents of the message as a whole appears OK. Maybe it will flag messages that fail these checks. It can also flag messages that arrived without server encryption. 3)If the incoming decrypted message is not itself privately encrypted by the sender it will use PGP to encrypt the message for the user before storing locally. If the sender has already encrypted the message then it will simply store it. Caveats A)All systems must have compatible encryption systems or access to those systems. (Why limit to just one?) and all those systems must have some sort of agreed means of flagging the message to allow automatted decryption. B)Some means of exchanging public keys must be developed. This must allow for keys to be changed. What happens when keys are changed, and messages are still in transit from the old keys. C)Not everyone is wise enough to use UNIX. Some people even use (pardon the language) Windoze or even AS/400's. There is plenty more scope for discussion here I think even if it is some of the less verbally able slagging off about old ideas that can't/won't work because ... etc. Surely there are enough brains out there to thrash this through properly. Hwyl "William H. Geiger III" <whgiii@openpgp.net> on 18/12/98 00:23:05 To: "Marcel Popescu" <mdpopescu@geocities.com> cc: "Cypherpunks list" <cypherpunks@toad.com> (bcc: Richard Bragg/UK/SSA_EUROPE) Subject: RE: I must admit. . . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 In <000301be2a14$9e5a8ec0$22fcb3c3@roknet.ro>, on 12/18/98 at 01:26 AM, "Marcel Popescu" <mdpopescu@geocities.com> said:

...

I for one would like sendmail integrated with PGP. For example: sendmail asks receiving server if it has PGP, and please give your public key, I have mail for you.. Then send the e-mail encrypted, while the receiving sendmail decrypts it and delivers forwards. This is not very effective, but it would help some.

I think this is a great idea. First time I'll play with making a POP client (an idea that appeals to me once in a while) I'll think about it...

Wouldn't it be more efficient to use TLS or SSH as an encryption protocol between the POP3d and the POP3 client? This could also be used for sendmail<->sendmail transactions. This still does not address local storage on the POP3d server. I am looking to setting up procmail to automatically PGP encrypt incomming messages and the forwarding them to a local account so even if the sender does not have PGP once the message is received by the PGP mail forwarder the messages will be PGP encrypted (I have had several people contact me looking for solutions to ISP's snooping on their mail without relying on the senders using PGP). - -- - --------------------------------------------------------------- William H. Geiger III http://www.openpgp.net Geiger Consulting Cooking With Warp 4.0 Author of E-Secure - PGP Front End for MR/2 Ice PGP & MR/2 the only way for secure e-mail. OS/2 PGP 5.0 at: http://www.openpgp.net/pgp.html - --------------------------------------------------------------- Tag-O-Matic: OS/2: Your brain. Windows: Your brain on drugs. -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 5.0i OS/2 for non-commercial use Comment: Registered_User_E-Secure_v1.1b1_ES000000 Charset: cp850 wj8DBQE2eZOrlHpjA6A1ypsRAgVDAKCpsNkbUjYCe77XBFHXnQDjZveHIwCg81zI UQM3ssGqYt/sQ+674XepePs= =GLQh -----END PGP SIGNATURE-----