Ray,

Just to be technically clear and correct for those who may not know, GPG
does not provide end to end mail encryption, but only mail content
encryption. Even if you use GPG to encrypt the contents of your mail
message, it is possible for people (mail sysadmins, bad guys sniffing, etc.)
to see the message headers (mail recipient's address, etc.).

But, as others have pointed out, TLS only encrypts the connections to the
mail server. Anyone with access to your mail spool can read your unencrypted
email content. TLS is only a partial security solution and requires the user
to trust the mail server admin.

So if you want true message security, don't use email at all. Anyone know of
a good alternative? Are there any free|OSS encrypted IM apps out there?

John Hebert

-----Original Message-----
From: -ray
To: [email protected]
Sent: 6/16/03 11:02 PM
Subject: Re: [brlug-general] Cox and smtp pain today.

On Mon, 16 Jun 2003, will hill wrote:

> Well, I'll get a good idea of what's really out there soon enough, if
we
> have the demo people are talking about.  I'm stuck on TLS because I
> imagine everyone running a mail server and that being the best and
most
> secure way to send mail.  Why not, it only takes a 486 and the best
> software is free?  Isn't distributed computing what the Internet is
all
> about?  If everyone did that and mail was echanged via TLS would it
ever
> have to be decrypted on an intermediate machine?

it's not feasible for everyone to run their own mail server.  Mailstores
were created because it's expensive to maintain an "always-on" internet
connection.  it still is.  most people still use $20 dial-up cause a
$35-$60 broadband connection is too expensive.  it'd be like telling
everyone to take down their snail mailbox, and just be home when the
mailman passes.

Bottom line, TLS is not your answer.  Give it up.  Were you using TLS
before Cox blocked port 25?  If not, i don't want to hear it... :)

Use GPG if you want true end-to-end mail encryption.

ray


_______________________________________________
General mailing list
[email protected]
http://brlug.net/mailman/listinfo/general_brlug.net

Reply via email to