posted by martyb on Monday November 02 2015, @01:19PM   Printer-friendly
from the ask-and-ye-might-not-receive dept.

http://arstechnica.com/security/2015/10/dont-count-on-starttls-to-automatically-encrypt-your-sensitive-e-mails/

This isn't really new news, but improperly configured mail services result in lots of privacy holes across the Internet.

STARTTLS is used to upgrade an unencrypted connection to an encrypted SSL/TLS connection. The problem is that if the upgrade fails, many mail clients will proceed to send mail on the unencrypted connection.

For any sysadmins (technical info):

Unfortunately, the situation is somewhat sticky. I suggest reading carefully the TLS/SSL section of https://wiki.debian.org/PostfixAndSASL as well as the STARTTLS RFC http://tools.ietf.org/html/rfc2487.

Public email servers should not require STARTTLS (that is, encryption) on port 25 (smtp). Furthermore, there is no guarantee that all of the mail servers during transit of an email use encryption. Thus, you should assume your email is transmitted unencrypted, until a better solution emerges. You can always use OpenPGP to encrypt the body of your email, which should become commonplace shortly after Hurd achieves market dominance.


Editor's Note: How-to articles for various flavors of Microsoft Exchange can be found at MSExchange.org.
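The failure mode described in the story (the STARTTLS upgrade fails and the client carries on in the clear) is avoidable on the client side. As an added example, not code from the article or from the Debian wiki, here is a Python submission client that checks the EHLO response for STARTTLS, refuses to send anything if it is absent, and only hands over credentials after a verified TLS handshake; the host, port, account and sample EHLO responses are placeholders constructed for the example.

```python
import smtplib
import ssl

# Constructed sample EHLO extension lists (not captured from any real server).
# This is the shape of the second element returned by smtplib.SMTP.ehlo().
EHLO_WITH_STARTTLS = b"mx.example.test\nSIZE 52428800\nSTARTTLS\nAUTH PLAIN LOGIN\n"
EHLO_STRIPPED = b"mx.example.test\nSIZE 52428800\nAUTH PLAIN LOGIN\n"


def starttls_offered(ehlo_message: bytes) -> bool:
    """Return True if the EHLO keyword list advertises STARTTLS.

    The first line is the server's greeting/domain; each following line is
    one extension keyword optionally followed by parameters.
    """
    for line in ehlo_message.decode("ascii", "replace").splitlines():
        keyword = line.strip().split(" ", 1)[0].upper()
        if keyword == "STARTTLS":
            return True
    return False


def send_with_mandatory_tls(host, port, user, password, sender, rcpts, msg):
    """Submit mail over a verified TLS channel or not at all.

    The weak pattern this replaces is wrapping starttls() in a try/except
    and proceeding to login()/sendmail() on the plaintext socket when it
    fails; here any failure before the upgrade aborts the submission.
    """
    ctx = ssl.create_default_context()  # verifies the chain and hostname
    with smtplib.SMTP(host, port, timeout=30) as smtp:
        code, ehlo_msg = smtp.ehlo()
        if code != 250:
            raise RuntimeError(f"EHLO failed: {code} {ehlo_msg!r}")
        if not starttls_offered(ehlo_msg):
            # A stripped or missing STARTTLS keyword is treated as an error,
            # never as permission to continue unencrypted.
            raise RuntimeError("server did not offer STARTTLS; refusing to send in the clear")
        smtp.starttls(context=ctx)  # raises on handshake or certificate failure
        smtp.ehlo()                 # re-issue EHLO after the upgrade, per RFC 2487
        smtp.login(user, password)  # credentials only cross the wire under TLS
        smtp.sendmail(sender, rcpts, msg)


if __name__ == "__main__":
    # Placeholder submission; replace with a real submission host and account.
    send_with_mandatory_tls("submission.example.test", 587, "user", "secret",
                            "user@example.test", ["rcpt@example.test"],
                            "Subject: test\r\n\r\nhello\r\n")
```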

  • (Score: 1, Informative) by Anonymous Coward on Monday November 02 2015, @03:31PM (#257532)

    The SSL/TLS settings in your mail client are for the username/password, not for the mail. Yes, it also encrypts the mail, for a few milliseconds before decrypting it again and forwarding it in plaintext.

    If you want real e-mail encryption, use PGP or Gnu Privacy Guard. Outlook users may prefer X.500 certificates, but be aware that those are NSA-approved - and probably not readable by anyone else, but neither are RTF e-mails anyway, so anyone who cares about communicating with non-Exchange customers avoids Outlook like the plague.

  • (Score: 2) by VanderDecken (5216) on Monday November 02 2015, @03:54PM (#257538)

    Mostly right.

    Yes, TLS is important to avoid exposing credentials in client-to-server communications. But part of the story is in server-to-server where no authentication is typically used. In that case, most servers will do opportunistic encryption, but that doesn't provide a lot of cover either as it can be easily MITM'd -- besides accepting things like self-signed certs, server-to-server will downgrade to cleartext if TLS isn't available (or claimed to not be available). One of the best things that can be said for server-to-server TLS for SMTP is it decreases the amount of cleartext traffic on the Internet (which is a good thing).

    The biggest take-away from various comments (including the parent) is that if you want to have a reasonable amount of privacy use PGP/GPG or the equivalent.

    --
    The two most common elements in the universe are hydrogen and stupidity.