Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

SMTPS

0 views
Skip to first unread message

Lyle Coder

unread,
Apr 22, 2003, 2:05:00 PM4/22/03
to
Hi,
I want to make sure that all email comming into my company is
secure... so would I be able to close down my SMTP port and just keep
SMTPS port 465 open and still receive email to all employees and yet
be certain that any email they send out or comes in is secure?

If not, how can I ensure that?

Any products in this area?

Thanks
Lyle

Jon Mann

unread,
Apr 22, 2003, 3:07:09 PM4/22/03
to

Lyle Coder wrote:
> I want to make sure that all email comming into my company is
> secure... so would I be able to close down my SMTP port and just keep
> SMTPS port 465 open and still receive email to all employees and yet
> be certain that any email they send out or comes in is secure?

I think this would be dependent on the use of "secure SMTP" by *all* other
mail servers. Currently, this is not the case.

You will find that many mail servers will attempt SMTP transmission, or fail
the message. Essentially, you will lose email if you *only* deal with
SMTPS.

> If not, how can I ensure that?

Investigate PGP or GPG if you need secure email.

Regards,
Jon.


Mark Rafn

unread,
Apr 22, 2003, 5:25:02 PM4/22/03
to
Lyle Coder <x_c...@hotmail.com> wrote:
>I want to make sure that all email comming into my company is
>secure.

You'll want to define a bit more clearly what you mean by that.

>so would I be able to close down my SMTP port and just keep
>SMTPS port 465 open and still receive email to all employees and yet
>be certain that any email they send out or comes in is secure?

Well, you'd be certain that no mailserver can connect to you without using an
encrypted transport. The effect would be that the vast majority of people
could send you no mail, and the rest would be protected from intermediate
network routers interfering with the contents.

>If not, how can I ensure that?

Hire someone who can help you define your security needs, implement systems to
achieve them, and recover when things go wrong.
--
Mark Rafn da...@dagon.net <http://www.dagon.net/>

p...@icke-reklam.ipsec.nu

unread,
Apr 23, 2003, 2:43:25 AM4/23/03
to
Lyle Coder <x_c...@hotmail.com> wrote:
> Hi,
> I want to make sure that all email comming into my company is
> secure... so would I be able to close down my SMTP port and just keep
> SMTPS port 465 open and still receive email to all employees and yet
> be certain that any email they send out or comes in is secure?

You want to make shure that the last step from an unknown source
is encrypted ??? Whats the point ?

> If not, how can I ensure that?

> Any products in this area?


PGP Will encrypt the whole path with real (Tm) encryption.


> Thanks
> Lyle

--
Peter Håkanson
IPSec Sverige ( At Gothenburg Riverside )
Sorry about my e-mail address, but i'm trying to keep spam out,
remove "icke-reklam" if you feel for mailing me. Thanx.

jw

unread,
Apr 26, 2003, 6:47:22 PM4/26/03
to
Perhaps you are looking for a secure email provider. That way all of
your employees would keep their existing email addresses and
additionally be able to send and receive secure and encrypted email.
Have a look at CryptoHeaven email hosting available with business
accounts.

jw.

x_c...@hotmail.com (Lyle Coder) wrote in message news:<49fdc875.0304...@posting.google.com>...

Villy Kruse

unread,
Apr 28, 2003, 10:45:07 AM4/28/03
to
On Tue, 22 Apr 2003 20:07:09 +0100,
Jon Mann <j...@spinis-associates.co.uk> wrote:


>
>Investigate PGP or GPG if you need secure email.
>

Which also fixes the problem that mail will be stored temporaryly in
clear text on the remote SMTP servers when using SMTP over TLS/SSL.
And, besides, you can't ensure that mail didn't go as clear text on the
wire between the sender and the relay server that sent the mail to
your server.


Villy

0 new messages