Re: Email secure delivery

From: Walter Roberson (roberson_at_ibd.nrc-cnrc.gc.ca)
Date: 03/01/05

• Next message: Moe Trin: "Re: Apache 1.3.33 strange log entry"
• Previous message: uranus25_at_gmail.com: "Virtual Account Numbers"
• In reply to: SecurityAce36: "Email secure delivery"
• Next in thread: david20_at_alpha2.mdx.ac.uk: "Re: Email secure delivery"
• Reply: david20_at_alpha2.mdx.ac.uk: "Re: Email secure delivery"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: 1 Mar 2005 21:42:42 GMT

In article <1109692838.387048.146470@o13g2000cwo.googlegroups.com>,
SecurityAce36 <jason.clark@everbank.com> wrote:
:I am currently searching for the best application or service to provide
:end to end security for delivering encrypted emails from one company to
:another accross the Internet.

:My goal is to some how have the app or user decide if the email needs
:to be encrypted, then apply a cert which can be maintained. The email
:then sent to the recpt. who then decryptes the message using either of
:these options. I hope that the gateway can negotiation which type to
:use with the other gateway/exchange server.

:This needs to work for
:all companys including people with hotmail, yahoo, etc. accounts.

hotmail, yahoo, etc. are running standard ESMTP servers; ESMTP does
not have any option to negotiate security (plain SMTP doesn't either,
which is important because your solution has to work for "all companys".)

I seem to recall hearing of proposed extensions to ESMTP to
negotiate security, but I do not recall any details, and I have never
encountered any system that implimented such an extension. [DoD might
perhaps have implimented such a thing...]

-- 
   "Infinity is like a stuffed walrus I can hold in the palm of my hand.
   Don't do anything with infinity you wouldn't do with a stuffed walrus."
   -- Dr. Fletcher, Va. Polytechnic Inst. and St. Univ.

• Next message: Moe Trin: "Re: Apache 1.3.33 strange log entry"
• Previous message: uranus25_at_gmail.com: "Virtual Account Numbers"
• In reply to: SecurityAce36: "Email secure delivery"
• Next in thread: david20_at_alpha2.mdx.ac.uk: "Re: Email secure delivery"
• Reply: david20_at_alpha2.mdx.ac.uk: "Re: Email secure delivery"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages RE: ESTMP Exploits & Security ... Subject: ESTMP Exploits & Security ... I'm looking for info on exploits and security of ESMTP when you telnet into ... to facilitate one-on-one interaction with one of our expert instructors. ... Attend a course taught by an expert instructor with years of in-the-field ... (Security-Basics) RE: ESTMP Exploits & Security ... > I'm looking for info on exploits and security of ESMTP when you telnet ... > Are their DDOS attacks or hacks against ESMTP? ... I've heard mention of a postfix SMTP gateway, but that's not a very good ... breaking the mail server, as most servers do not use this. ... (Security-Basics) ESTMP Exploits & Security ... I'm looking for info on exploits and security of ESMTP when you telnet into ... but trying to understand the security implications of being able to do this. ... Does ESMTP from the command line need to be "accessible" for the apps to ... (Security-Basics) Re: prevent Exch2000 from accepting EHLO and ESMTP commands ... I'm not trying to improve any security. ... so I wanted to setup Exchange in pure SMTP mode to see if the problem ... > systems on the Internet support ESMTP at this point. ... (microsoft.public.exchange2000.transport) Re: prevent Exch2000 from accepting EHLO and ESMTP commands ... I'm not trying to improve any security. ... so I wanted to setup Exchange in pure SMTP mode to see if the problem ... > systems on the Internet support ESMTP at this point. ... (microsoft.public.exchange2000.protocols)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint