RE: [Declude.Virus] server-based encryption
Keep in mind, it would only apply for certain destination addresses, not all outgoing messages. My company is very interested in this ability. What would it take to get this done? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Jonathan Sent: Wednesday, January 22, 2003 5:28 PM To: [EMAIL PROTECTED] Subject: RE: [Declude.Virus] server-based encryption I actually don't think it'd be too bad .. the keys would be stored on the mail server, the program you call would find the body, encrypt it, pass declude a return true, or however it's handled, and away it goes out to the world. You are, of course, assuming that the user isn't using webmail, and that they're using the imail box to send mail (relay). The other catch would be decryption .. maybe not so difficult either. Jonathan At 04:56 PM 1/22/2003 -0500, you wrote: That would be ideal. But is it feasible? If so, don't forget to include me on the royalties! :) -Scott -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Jonathan Sent: Wednesday, January 22, 2003 12:37 PM To: [EMAIL PROTECTED] Subject: RE: [Declude.Virus] server-based encryption Maybe something could be scripted and called via declude .. an external .. might not be so difficult .. Jonathan At 09:10 AM 1/22/2003 -0500, you wrote: I was initially going to implement PGP, but I have about 10 internal users (that would each need a digital certificate) sending to two or three external users (that would need to install the public keys from all of my internal users). That's a lot of administration. I even tried setting up a computer running MS Outlook 2002 with the following... Receive mail on Account A Setup a rule to forward all messages from Account A out on Account B Setup PGP on Account B Therefore internal users send mail to Account A. The rule forwards the mail to external users via encrypted Account B. It seems logical enough, but Outlook 2002 would default to sending out on Account A rather than B, because the mail was originally received on Account A. I even tried changing the default account, but it never worked correctly. -Scott -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Jeff Maze - Hostmaster Sent: Wednesday, January 22, 2003 8:48 AM To: [EMAIL PROTECTED] Subject: RE: [Declude.Virus] server-based encryption Have you tried PGP on the client side? I've used it before, but the only problem is that you have to distribute your public key to everyone that you're sending messages to. Then they have to install PGP on their machine, create a public key for them, and then install your public key to read your message. Also, there was a big security hole discovered in PGP a few months ago. I haven't heard anything about it recently as to whether they've fixed it or not. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Declude Forum Sent: Wednesday, January 22, 2003 8:35 AM To: [EMAIL PROTECTED] Subject: RE: [Declude.Virus] server-based encryption I tried a VPN between the sites, but the IT staff at the other site (different company) couldn't get their act together. I use a VPN for my own remote sites without any problems. I currently use SSL on the webmail interface, but for this instance the external users would need internal mail accounts. It would be nice if there was a simple app, like declude, that would encrypt outgoing emails. A suggestion for a future release ;-) -Scott -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Jonathan Sent: Tuesday, January 21, 2003 10:28 PM To: [EMAIL PROTECTED] Subject: Re: [Declude.Virus] server-based encryption In our case, its a many to many, and not all the sites will be on our mail servers. I'd rather not have all those sites tunneling into our server, just for management overhead. But mostly, we need a way to let end-users send secure messages to people on a variety of ISPs etc. One being AOL! ick .. hence my self-extracting file, or client pgp. Jonathan At 03:50 PM 1/21/2003 -0800, you wrote: If you are looking at just 2 primary sites, why not use a site to site vpn to encrypt date between your locations. Jim - Original Message - From: Jonathan [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, January 21, 2003 3:47 PM Subject: RE: [Declude.Virus] server-based encryption oops .. responded too quickly. I guess that wouldn't be server-side, would it? :) Sorry .. We've been using webmail in secure mode (yuck), and dabbling a bit with SSL POP and SMTP.. but of course this doesn't help with remote users. I was playing with just having the server pgp up any file that goes to an outside address, or some self-extracting file .. didn't come up
RE: [Declude.Virus] server-based encryption
That would be ideal. But is it feasible? If so, don't forget to include me on the royalties! :) -Scott -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Jonathan Sent: Wednesday, January 22, 2003 12:37 PM To: [EMAIL PROTECTED] Subject: RE: [Declude.Virus] server-based encryption Maybe something could be scripted and called via declude .. an external .. might not be so difficult .. Jonathan At 09:10 AM 1/22/2003 -0500, you wrote: I was initially going to implement PGP, but I have about 10 internal users (that would each need a digital certificate) sending to two or three external users (that would need to install the public keys from all of my internal users). That's a lot of administration. I even tried setting up a computer running MS Outlook 2002 with the following... Receive mail on Account A Setup a rule to forward all messages from Account A out on Account B Setup PGP on Account B Therefore internal users send mail to Account A. The rule forwards the mail to external users via encrypted Account B. It seems logical enough, but Outlook 2002 would default to sending out on Account A rather than B, because the mail was originally received on Account A. I even tried changing the default account, but it never worked correctly. -Scott -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Jeff Maze - Hostmaster Sent: Wednesday, January 22, 2003 8:48 AM To: [EMAIL PROTECTED] Subject: RE: [Declude.Virus] server-based encryption Have you tried PGP on the client side? I've used it before, but the only problem is that you have to distribute your public key to everyone that you're sending messages to. Then they have to install PGP on their machine, create a public key for them, and then install your public key to read your message. Also, there was a big security hole discovered in PGP a few months ago. I haven't heard anything about it recently as to whether they've fixed it or not. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Declude Forum Sent: Wednesday, January 22, 2003 8:35 AM To: [EMAIL PROTECTED] Subject: RE: [Declude.Virus] server-based encryption I tried a VPN between the sites, but the IT staff at the other site (different company) couldn't get their act together. I use a VPN for my own remote sites without any problems. I currently use SSL on the webmail interface, but for this instance the external users would need internal mail accounts. It would be nice if there was a simple app, like declude, that would encrypt outgoing emails. A suggestion for a future release ;-) -Scott -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Jonathan Sent: Tuesday, January 21, 2003 10:28 PM To: [EMAIL PROTECTED] Subject: Re: [Declude.Virus] server-based encryption In our case, its a many to many, and not all the sites will be on our mail servers. I'd rather not have all those sites tunneling into our server, just for management overhead. But mostly, we need a way to let end-users send secure messages to people on a variety of ISPs etc. One being AOL! ick .. hence my self-extracting file, or client pgp. Jonathan At 03:50 PM 1/21/2003 -0800, you wrote: If you are looking at just 2 primary sites, why not use a site to site vpn to encrypt date between your locations. Jim - Original Message - From: Jonathan [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, January 21, 2003 3:47 PM Subject: RE: [Declude.Virus] server-based encryption oops .. responded too quickly. I guess that wouldn't be server-side, would it? :) Sorry .. We've been using webmail in secure mode (yuck), and dabbling a bit with SSL POP and SMTP.. but of course this doesn't help with remote users. I was playing with just having the server pgp up any file that goes to an outside address, or some self-extracting file .. didn't come up with anything else. I'm interested to see what everyone else is working on, though.. Jonathan At 05:40 PM 1/21/2003 -0600, you wrote: There's always PGP, but both sides need the plugins .. Jonathan At 03:30 PM 1/21/2003 -0800, you wrote: I work for the healthcare division of Siemens, and we are currently beta testing our secure message delivery products (including e-mail) with some our healthcare customers. Depending on how soon you need it, our offering should be publicly available in a couple of months. Bill -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Declude Forum Sent: Tuesday, January 21, 2003 10:12 AM To: [EMAIL PROTECTED] Subject: [Declude.Virus] server-based encryption Greetings, Does anyone use an application to encrypt outgoing email messages? I work for a medical related company, and we need a way to encrypt some outgoing
