Re: [Declude.JunkMail] OT: pgp in emails - can you read my emails?

[Bill Landry]

There are a few e-mail encryption services out there (e.g, see Sigaba & Zix, among others).  We provide an encrypted e-mail service for our healthcare customers that encrypts messages, not only in transport, but while stored in their mailboxes, as well.  We also provide a TLS/SSL gateway server that requires the e-mail client (Outlook, OE, Thunderbird, Opera, Eudora, etc.) to establish a TLS/SSL session to the server on either Port 25 (SMTP), 465 (SMTPS) or 587 (Submission) and once the encrypted session is established, then the SMTP Authentication challenge takes place before the server will accept a message for relaying (that way plain text passwords are encrypted in transport).   Utilizing TLS/SSL over ports 465 and 587, as well as 25, enables us to also support those customers that may be using an ISP that blocks port 25 outbound.  Port 25 inbound and outbound can be set to advertise its TLS/SSL support, and can either require it or accept it, if offered.  Here is a sample header from a message delivered though one of our secure gateways by an e-mail client:   Received: from SOMEHOST (unknown [xxx.xxx.xxx.xxx])    (using TLSv1 with cipher DES-CBC3-SHA (168/168 bits))    (No client certificate requested)    by mail.example.com (Secure E-Mail Service) with ESMTP id 1234567 We do not publish the SMTP Auth header, but could if we wanted to trigger spam filtering bypass for authenticated users.  However, in our case, only authenticated user can relay through these gateways, so the header is unnecessary.  And if you wanted to be "real" secure, you could request or even require client certificates for two-way authentication.   This same server also supports IMAPS (port 993), POP3S (port 995), and HTTPS (port 443).  And best of all, it is all done with open source software, from the OS to all necessary e-mail applications, including spam filtering and virus scanning.  It's a really nice setup and is very fast and efficient, as well.  If you would like all of the gory details, e-mail me off-list.   Bill ----- Original Message ----- From: Craig Edmonds To: declude.junkmail@declude.com Sent: Thursday, September 14, 2006 3:26 AM Subject: [Declude.JunkMail] OT: pgp in emails - can you read my emails? Hi All,   Some clients have voiced some concern over the ability of me and my team having access to their mail whilst it passes through my mail network.   Of course, I dont engage in reading peoples emails whilst performing email administration but nevertheless the opportunity is there and we do have access to it.   I have been reading a little about PGP in relation to email and it looks like they (the clients) have to make the effort to secure their mail on their computer first before sending.   Is there any guidance/tips/wording I can give my clients to give them the option to make thier emails secure?   Is there a solution out their I can enable server side which automatically encrypts incoming emails?   If emails are encryypted, can declude filter them?   How does everyone else answer the question of "can you read my emails question"?   I am using IMAIL, WIN 2003, Declude 4.3.7 if thats any help.   Kindest Regards Craig Edmonds 123 Marbella Internet W: www.123marbella.com E : [EMAIL PROTECTED]   --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.