SMTP Encryption Extension

Eric Murray ericm at lne.com
Tue Oct 21 08:49:10 PDT 1997 


Mike writes:
> 
> Ariel Glenn wrote:
> >So data kept on the filesystem has to be protected and it has to be
> encrypted when it is sent out to the browsing (legitimate) user. 
> 
> But you can do that already with standard software. Just encrypt the disk
> with CFS and the web server with SSL. Nothing needs to be invented to solve
> your problem. All the popular browsers already have SSL running.
> 
> Which leads to another idea, couldn't we encrypt SMTP by running it over
> SSL as a web server cgi? If 99% of Internet traffic is web browsing and we
> are trying to hide our email, then why not make the email look like web
> browsing?


You don't need to run it through a CGI.  There's a port defined for
SMTP-over-SSL:

ssmtp           465/tcp    ssmtp

(from the IANA assigned port numbers document of feb '97)

The problem with SSL is that it only protects the pipe, not the mail
that's being transported.  Mail is a store-and-forward scheme.
It's stored on the local disk and forwarded to the next hop.
Often that's not the recipient, but is a mail exchange or a firewall
gateway.  Then the MX or firewall forwards the mail on to the next
hop, etc.

(note that a CFS partition, in order to be used by a mail transport, would
need to be mounted at all times, and therefore would be available to
an attacker who gained root on the mail transport host)

If your mail goes to an intermediate MX site, it'll sit in the clear on
the disk there until its sent to its final destination.   Even if all
mailers supported ssmtp, the mail would not be secure.

Email really needs to be individually encrypted instead of using
encrypted pipes.  If you want to protect all email (an excellent
idea), build a mail transport which automatically encrypts each
outgoing mail in the key of the recipient (or recipients's mail
transport).  It's not that hard to do, I build a 'pgpsendmail' for
a former employer.  Most of the effort was in figuring out where in
sendmail to put the hooks to pgp.



-- 
Eric Murray  Chief Security Scientist  N*Able Technologies  www.nabletech.com
(email:  ericm  at  lne.com   or   nabletech.com)          PGP keyid:E03F65E5

More information about the cypherpunks-legacy mailing list