James Ebright wrote:
> On Thu, 26 May 2005 15:20:33 -0400, WBrown wrote
>> Ummm, wouldn't TLS only encrypt the traffic between the two servers
>> involved at the moment, i.e., your mail server and theirs as you relay
>> through it? Encrypting the contents of the message would keep it out
>> of their hands.
>
> It encrypts the transmission of the message(s) from MUA through to Final
> Delivery MTA, assuming every MTA in the middle can handle TLS; once a non-TLS
> MTA is hit, from there on it is regular ole plain text.

Sorry, I don't think this is correct:
My MUA doesn't know the final delivery MTA, so it can't encrypt a
message for viewing by the final delivery MTA only. Instead, it uses
TLS to encrypt the entire SMTP conversation with my local MTA. My local
MTA then takes the plaintext message and passes it on to the next MTA in
the delivery chain. If the next MTA supports TLS, then the message is
re-encrypted, passed across the wire as part of an encrypted SMTP
conversation, and again decrypted by the next MTA. And so on to the
final location. TLS encrypts traffic across the wire, but each MTA in
the chain sees the message.
Like WBrown said, if you don't want ISPs reading your mail, encrypt the
messages, don't rely on TLS.
This is at least my understanding. If I'm missing something, please let
me know.
Josh Kelley
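
An added example, not part of the original post: hop-by-hop TLS leaves a trace in the Received headers each MTA prepends, so a recipient can check which legs of the path reported TLS. The sample message and its hostnames are constructed; the regexes assume the RFC 3848 "with ESMTPS" keywords and the "(using TLSv...)" comment that some MTAs add.

```python
import re
from email import message_from_string

# Constructed sample (made-up hosts). Each receiving MTA prepends its own
# Received header, so the topmost one is the last hop.
SAMPLE = """\
Received: from mx.isp.example (mx.isp.example [192.0.2.30])
\tby mail.dest.example with ESMTP id C3; Thu, 26 May 2005 15:21:03 -0400
Received: from relay.corp.example (relay.corp.example [192.0.2.20])
\tby mx.isp.example with ESMTPS id B2; Thu, 26 May 2005 15:20:50 -0400
Received: from laptop.corp.example (laptop.corp.example [192.0.2.10])
\t(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
\tby relay.corp.example with ESMTP id A1; Thu, 26 May 2005 15:20:40 -0400
From: alice@corp.example
To: bob@dest.example
Subject: test

body
"""

# TLS markers: RFC 3848 "with" keywords, or an MTA's "(using TLS...)" comment.
TLS_WITH = re.compile(r"\bwith\s+(?:ESMTPSA?|LMTPSA?)\b", re.I)
TLS_COMMENT = re.compile(r"\(using\s+(?:TLS|SSL)", re.I)
HOP = re.compile(r"from\s+(\S+).*?\bby\s+(\S+)", re.I | re.S)

def hops(raw):
    """Return [(sender, receiver, tls_seen)] in delivery order."""
    msg = message_from_string(raw)
    out = []
    for value in reversed(msg.get_all("Received", [])):
        m = HOP.search(value)
        if not m:
            continue  # skip Received lines without a from/by pair
        tls = bool(TLS_WITH.search(value) or TLS_COMMENT.search(value))
        out.append((m.group(1), m.group(2), tls))
    return out

def first_cleartext_hop(raw):
    """First hop with no TLS marker, or None if every hop shows one."""
    return next((h for h in hops(raw) if not h[2]), None)

if __name__ == "__main__":
    # Headers are self-reported by each MTA, and even an all-TLS path means
    # every MTA listed here handled the message in plaintext.
    for sender, receiver, tls in hops(SAMPLE):
        print(f"{sender} -> {receiver}: {'TLS' if tls else 'no TLS marker'}")
```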