Mailinglist Archive: opensuse-security (409 mails)

< Previous Next >
Re: [suse-security] Encrypt E-Mails without human-agreement
  • From: John Andersen <jsa@xxxxxxxxxxxxxx>
  • Date: Fri, 16 Aug 2002 16:04:33 -0800
  • Message-id: <200208170004.g7H04XL18876@xxxxxxxxxxxxxx>
On Friday 16 August 2002 06:03 am, Michel Messerschmidt wrote:
> > IF both MTA support ssl, the mail will be transfered encrypted.
> > So if your MTA and the MTA of the other company speaks TLS,
> > your clients on both sides also uses ssl for smtp/pop3/imap,
> > the mail will transfered in an encryption tunnel.
>
> No.
> This is called Transport Layer Security (TLS) because it only encrypts the
> direct connection from one MTA to the next. Every MTA on the route is able
> to read the mail since it processes mails above the transportlayer. Privacy
> can only be guaranteed if there is a direct connection between sending and
> recieving MTA (and both ca nbe trusted). This is not true for SMTP.

Presumably they are free to configure the MTAs at either end not to
use the "smart host" relay feature. In this case all connections
are direct and there are no intermediate MTAs.
Is this not correct?

--
_________________________________________________
No I Don't Yahoo!
And I'm getting pretty sick of being asked if I do.
_________________________________________________
John Andersen / Juneau Alaska

< Previous Next >