[Mimedefang] Scary... Filtering on the outbound.
Ben Kamen
bkamen at benjammin.net
Thu Feb 17 13:40:01 EST 2005
David F. Skoll wrote:
>
> Well, there's a commercial solution (maybe a few) that work like this:
>
> 1) Health care agency X needs to send confidential information to client Y.
>
> 2) Person from X sends confidential mail to a special account, something like:
>
> Y-at-Y.DOMAIN at secret.X.domain
>
> 3) A magic process intercepts the mail, stores the confidential info on
> an HTTPS server, and sends mail to Y at Y.DOMAIN saying:
>
> "You have a confidential message at https://whatever"
>
> 4) Y logs in with his/her usernamd and password (which must have been
> sent out-of-band -- probably by regular mail) and reads the message.
>
> This avoids Y having to understand anything about PGP. I think it's a fairly
> cool solution.
That is nifty - but is the server kept on site? if not. security can't be assured.
However, if everything was done HTTPS, that would be the fix.
Anyway - interesting idea.
-Ben
More information about the MIMEDefang
mailing list