[Mimedefang] Scary... Filtering on the outbound.

Ben Kamen bkamen at benjammin.net
Thu Feb 17 13:40:01 EST 2005

David F. Skoll wrote:
> Well, there's a commercial solution (maybe a few) that work like this:
> 1) Health care agency X needs to send confidential information to client Y.
> 2) Person from X sends confidential mail to a special account, something like:
> 	Y-at-Y.DOMAIN at secret.X.domain
> 3) A magic process intercepts the mail, stores the confidential info on
> an HTTPS server, and sends mail to Y at Y.DOMAIN saying:
>    "You have a confidential message at https://whatever"
> 4) Y logs in with his/her usernamd and password (which must have been
> sent out-of-band -- probably by regular mail) and reads the message.
> This avoids Y having to understand anything about PGP.  I think it's a fairly
> cool solution.

That is nifty - but is the server kept on site? if not. security can't be assured.

However, if everything was done HTTPS, that would be the fix.

Anyway - interesting idea.


More information about the MIMEDefang mailing list