FW: Email Encryption Between Servers
From: check (check@wescom.org)
Date: 04/02/03
- Previous message: White-Tiger: "RE: Email Encryption Between Servers"
- Maybe in reply to: Al Cooper: "Email Encryption Between Servers"
- Next in thread: Bear Giles: "StartTLS (was: Email Encryption Between Servers)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: check <check@wescom.org> To: "'security-basics@securityfocus.com'" <security-basics@securityfocus.com> Date: Wed, 2 Apr 2003 09:19:26 -0800
-----Original Message-----
From: Michael Osten [mailto:mosten@bleepyou.com]
Sent: Tuesday, April 01, 2003 4:53 PM
To: security-basics@securityfocus.com
Subject: RE: Email Encryption Between Servers
On Tue, 2003-04-01 at 11:27, Robinson, Sonja wrote:
> We evaluated three enterprise solutions and bid them out. I believe that
> once e-mail leaves your network using exchange it is automatically sent
> clear text, hence the need for encryption. I am not an exchange
> administrator so... And if you are sending PHI or GLBA I would send in no
> less then 128-bit anyway.
>
> There are a number of issues you need to think of when evaluating
encryption
> including, logging/reporting, forensics & investigations, ease of use for
> users, ease of administration, key exchanges, can I force my business
> partners to buy the same product/hardware/service, send to anyone
> capability, what constitutes due diligence, cost, etc.
>
> I am not endorsing any one vendor and these are not necessarily the
opinions
> of my employer and should not be construed as such.
I'm pretty sure that Exchange (I know Sendmail/Postfix/Qmail/Exim do)
support StartTLS?
The benefit of StartTLS is that it is free (other than the cert), open
standards, and will automatically encrypt communications between any
other mail sever running StartTLS (not just your partners).
---------------------------
Michael Osten
http://lists.netsys.com/pipermail/full-disclosure/2003-February/008369.html
When caught, McWilliams was seen at his
computer finishing a non fictional piece titled "Art
of Deception to the 100th Power. Pi don't equal Pie
Bitch."
-------------------------------------------------------------------
SurfControl E-mail Filter puts the brakes on spam,
viruses and malicious code. Safeguard your business
critical communications. Download a free 30-day trial:
http://www.securityfocus.com/SurfControl-security-basics
**********************************************************************
This email and any files transmitted with it are confidential
and intended solely for the use of the individual or entity to
whom they are addressed. If you have received this email
in error, please delete it immediately and advise the sender.
WESCOM CREDIT UNION (626) 535-1000
**********************************************************************
-------------------------------------------------------------------
SurfControl E-mail Filter puts the brakes on spam,
viruses and malicious code. Safeguard your business
critical communications. Download a free 30-day trial:
http://www.securityfocus.com/SurfControl-security-basics
- Previous message: White-Tiger: "RE: Email Encryption Between Servers"
- Maybe in reply to: Al Cooper: "Email Encryption Between Servers"
- Next in thread: Bear Giles: "StartTLS (was: Email Encryption Between Servers)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
