It wraps the transmission between the client and smtp (sending) mail server in SSL. Works just like https does on the web world. But after the mail leaves the smtp server, it travels clear text. To protect the data thoughout the transmission (sender to receiver) you need to look at PGP or GPG. A long time ago, I used GnuPG (http://www.gnupg.org/) to encrypt some data before sending it to a vendor system. I never tried it with cfmail. But you should be able to work for this. BTW, FusionLink does provide SSL connections for SMTP,POP3,IMAP,FTP,SQL Connections,etc.
John Mason [EMAIL PROTECTED] 770.337.8363 www.FusionLink.com - ColdFusion and Flex hosting Now offering ColdFusion 8 Enterprise hosting FREE Subversion hosting _____ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dean H. Saxe Sent: Friday, January 18, 2008 12:46 PM To: [email protected] Subject: Re: [ACFUG Discuss] Encrypted Email I thought I did... TLS is transport layer security between the mail client (CF) and the SMTP server. Its essentially SMTP over SSL. -dhs Dean H. Saxe, CISSP, CEH [EMAIL PROTECTED] "What is objectionable, what is dangerous about extremists is not that they are extreme, but that they are intolerant." -- Robert F. Kennedy, 1964 On Jan 18, 2008, at 12:44 PM, [EMAIL PROTECTED] wrote: Thanks for the input on this encrypted email question. Can you tell me exactly what the parameter <cfmail useTSL = "yes"> would be used for if it doesn't excrypt the body of the email. Thanks, <mime-attachment.jpeg> Joseph S. Johnson 404.498.8148 * [EMAIL PROTECTED] "Dean H. Saxe" <[EMAIL PROTECTED]> Sent by: [EMAIL PROTECTED] 01/18/08 10:12 AM Please respond to [email protected] To [email protected] cc Subject Re: [ACFUG Discuss] Encrypted Email Guys, This is easily solved through public key encryption. Unfortunately, its usage is not widespread, even in the security community. Go figure. Check out PGP and GPG for more info. Alternatively, use a mail server like Tumbleweed (tumbleweed.com iirc). -dhs Dean H. Saxe, CISSP, CEH <mailto:[EMAIL PROTECTED]> [EMAIL PROTECTED] "[T]he people can always be brought to the bidding of the leaders. This is easy. All you have to do is to tell them they are being attacked, and denounce the pacifists for lack of patriotism and exposing the country to danger. It works the same in every country." --Hermann Goering, Hitler's Reich-Marshall at the Nuremberg Trials On Jan 18, 2008, at 9:54 AM, McTure, Greg wrote: Hi Clint: I haven't a business need to work with such an issue yet but in just quickly thinking about your issue I would consider the following factors. 1. Encryption method for encrypting the email content from the source (sender). 2. The ability of the recipient's email client to be able to decrypt the mail content upon receipt. I'm not sure if this readily feasible but I would think the email recipient would need to be aware of the encryption schema being used and possibly need a "key" on their end to decrypt the email content. This would likely require no manual process by the recipient. If this were to be an automated process of decryption on the recipient end, (in just quickly thinking through the process) I would start to look at some way in which I could poll a specific location for the email to go to and when an email is received invoke some process to decrypt the email for the recipient. Have you checked to see if there is a custom tag that will help or conducted a search to see what encryption/decryption options Outlook/Exchange has? It may be worth giving that a look as well. _____ From: [EMAIL PROTECTED] [ <mailto:[EMAIL PROTECTED]> mailto:[EMAIL PROTECTED] On Behalf Of <mailto:[EMAIL PROTECTED]> [EMAIL PROTECTED] Sent: Thursday, January 17, 2008 2:28 PM To: [email protected] Subject: Re: [ACFUG Discuss] Encrypted Email - create a message stored in a variable - create a new file, write variable to file, save file - execute PGP getting it to create an encrypted file - read encrypted file into variable - send encrypted text as message body (subject and everything else stays the same) <image001.gif> <mailto:[EMAIL PROTECTED]> [EMAIL PROTECTED] Sent by: <mailto:[EMAIL PROTECTED]> [EMAIL PROTECTED] 01/17/2008 02:24 PM Please respond to <mailto:[email protected]> [email protected] To <mailto:[email protected]> [email protected] cc Subject [ACFUG Discuss] Encrypted Email How would I go about encrypting email when using the cfmail tag? Thanks, <image002.jpg> Joseph S. Johnson 404.498.8148 * <mailto:[EMAIL PROTECTED]> [EMAIL PROTECTED] ------------------------------------------------------------- Annual Sponsor - <http://www.figleaf.com/> Figleaf Software To unsubscribe from this list, manage your profile @ <http://www.acfug.org?fa=login.edituserform> http://www.acfug.org?fa=login.edituserform For more info, see <http://www.acfug.org/mailinglists> http://www.acfug.org/mailinglists Archive @ <http://www.mail-archive.com/discussion%40acfug.org/> http://www.mail-archive.com/discussion%40acfug.org/ List hosted by <http://www.fusionlink.com/> FusionLink ------------------------------------------------------------- ------------------------------------------------------------- Annual Sponsor FigLeaf Software - http://www.figleaf.com To unsubscribe from this list, manage your profile @ http://www.acfug.org?fa=login.edituserform For more info, see http://www.acfug.org/mailinglists Archive @ http://www.mail-archive.com/discussion%40acfug.org/ List hosted by http://www.fusionlink.com -------------------------------------------------------------
