[Mimedefang] Re: FTC asks ISPs to crack down on zombie PCs (James Ebright)

Ian Mitchell trash at aftermagic.com
Thu May 26 17:37:38 EDT 2005


> Date: Thu, 26 May 2005 15:48:23 -0400
> From: "James Ebright" <jebright at esisnet.com>
> Subject: Re: [Mimedefang] FTC asks ISPs to crack down on zombie PCs
>
> On Thu, 26 May 2005 15:20:33 -0400, WBrown wrote
>
>> Ummm wouldn't TLS only encrypt the traffic between the two servers
>> involved at the moment, ie, your mail server and theirs as you relay
>> though it?  Encrypting the contents of the message would keep it out
>> of their hands.
>
> It encrypts the transmission of the message(s) from MUA through to Final
> Delivery MTA Assuming every MTA in the middle can handle TLS, once a non
> TLS MTA is hit from there on it is regular ole plaint text.
>

To my knowledge TLS will only encrypt the message between two points. If
you want MUA to MUA encryption you need S/MIME or PGP. Honestly, if you
think about it, how would a secondary MTA be able to "drop" the encryption
to send to a tertiary MTA that doesn't support TLS? So no, relaying
through the ISP's MTA does not allow for privacy. The only thing the TLS
at that point would protect would be for other members on the same
ethernet segment from sniffing your love letter. It would not prevent the
mail administrator from reading it. Or for tools like MIMEDefang from
processing it.

Now, TLS can be used to encrypt between two points all the way to the
final destination so in that light it would be encrypted from end to end,
but each server in between would be able to access the unencrypted "ole
plaint text" ;)

Thanks,
Ian.
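
Added example, not part of the original post: a Python sketch that reads a message's Received trace headers and reports, hop by hop, whether the receiving MTA recorded STARTTLS (the RFC 3848 "with" keywords ESMTPS, ESMTPSA, LMTPS, LMTPSA). The sample message, hostnames and addresses are constructed placeholders, and the function names are this example's own.

```python
import re
from email import message_from_string

# RFC 3848 "with" keywords meaning the hop was received over STARTTLS.
TLS_PROTOCOLS = {"ESMTPS", "ESMTPSA", "LMTPS", "LMTPSA"}

# Constructed sample message; every host and address is a placeholder.
SAMPLE = """\
Received: from relay.isp.example (relay.isp.example [192.0.2.20])
\tby mx.dest.example with ESMTP id C3; Thu, 26 May 2005 17:40:03 -0400
Received: from mail.sender.example (mail.sender.example [192.0.2.10])
\tby relay.isp.example with ESMTPS id B2; Thu, 26 May 2005 17:40:02 -0400
Received: from laptop.sender.example (laptop.sender.example [192.0.2.5])
\tby mail.sender.example with ESMTPSA id A1; Thu, 26 May 2005 17:40:01 -0400
From: alice@sender.example
To: bob@dest.example
Subject: constructed test

body
"""

HOP_RE = re.compile(r"from\s+(\S+).*?\bby\s+(\S+).*?\bwith\s+(\S+)", re.S | re.I)

def hops(raw):
    """Return [(from_host, by_host, protocol, used_tls)] in delivery order."""
    msg = message_from_string(raw)
    out = []
    # Each MTA prepends its own Received header, so reverse for sender-first order.
    for value in reversed(msg.get_all("Received", [])):
        m = HOP_RE.search(value)
        if not m:
            continue  # unparseable trace line: skip rather than guess
        proto = m.group(3).rstrip(";").upper()
        out.append((m.group(1), m.group(2), proto, proto in TLS_PROTOCOLS))
    return out

def first_plaintext_hop(raw):
    """Return the first hop recorded without TLS, or None if all used TLS."""
    return next((h for h in hops(raw) if not h[3]), None)

if __name__ == "__main__":
    for sender, receiver, proto, tls in hops(SAMPLE):
        print(f"{sender} -> {receiver}: {proto} ({'TLS' if tls else 'plaintext'})")
```

Received lines are written by each MTA on the path, so they describe transport protection per hop only; they say nothing about whether the relays themselves could read the message.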



