[Mimedefang] FTC asks ISPs to crack down on zombie PCs

Kris Deugau kdeugau at vianet.ca
Thu May 26 18:03:05 EDT 2005 

James Ebright wrote:
> I believe that sendmail uses Diffie-Hellman key exchange and the MTA
> only keeps the master_secret in memory for a short period of time and
> must be redetermined during every conversation, so technically yes, I
> think a middle MTA could see it, but it would be alot more work than
> I would be willing to put in to see it in real time. I suppose you
> could modify the source to store unencrypted local copys and mirror
> that in real time.... but I can think of other easier ways to get
> copies of your outgoing email if I really wanted them (like say for a
> court ordered subpeona).

Hmm.  I think you're still a little confused.

TLS is really a generic method for encrypting communication between two
arbitrary systems.  It does NOT specify what's done with the data at
either end.  (Think HTTPS, or POP3S, or IMAPS- technically, AIUI, all
use TLS.)

What it prevents (or at least significantly guards against) is capture
of the TCP/IP packet stream (even at either system's local kernel level)
by a third party.  The sending system and receiving system are
essentially running standard SMTP otherwise;  and any of the standard
methods of pulling data out of the MTA at either end should work just
fine.

It's important not so much to prevent capture of the message data -
although it helps to some degree there - but with preventing capture of
somewhat more sensitive data such as SMTP AUTH tokens of several
flavours.  It's also of rather limited use as an authenication system in
and of itself with the right certificates.

> If the data is that sensative then use a third party encryption on
> the message itself or dont send it via email.

Yep.  *Really* high-security data shouldn't be on a network that's
Internet-connected, period, IMO;  and if you need to transfer data you
stuff it on a USB key or hard drive and take the physical device from
network A to network B.  (If you're really paranoid, you destroy the
physical transport device once you've pulled the data.)

For most data that should be secured, but which is MUCH more conventient
to handle online?  PGP.  (Or GPG, or whatever PGP-equivalent you feel
like using.)

-kgd
-- 
Get your mouse off of there!  You don't know where that email has been!

More information about the MIMEDefang mailing list