Re: message-signing at the MTA level

Tue, 14 Sep 1999 05:58:28 -0700 

>On Sat, Aug 21, 1999 at 10:09:31PM -0400, Russell Nelson wrote:
>> I've been thinking about cryptographic signing of messages at the mail 
>> transfer agent level.  I can think of how to do it, but I'm not sure
>> what problem it solves.  :)  Anyone have any ideas?
>
At 12:01 PM 8/22/99 -0700, Eric Murray wrote:
>I wrote a similar system for Sun 4 or 5 years ago.   However its purpose
>was to encrypt the email for secrecy.  It used sendmail and PGP, would
>automagically encrypt messages sent to hosts/domains registered in a
>config file, and would use the same config file to attempt to decrypt
>incoming PGP'd messages.

PGP/NAI developed an SMTP forwarder system that does rule-based processing
with capabilities like 
        - Encrypt outgoing mail when possible
        - Block unencrypted outgoing mail to some/all sites
        - Block encrypted   outgoing mail to some/all sites
        - copy+encrypt in/outgoing mail to Corporate Email Escrow
        - Block outgoing mail not also encrypted to Corporate Escrow
        - Sign&date incoming or outgoing mail
This was during their Corporate Escrow period, so we all taunted them about
it,
rather than doing much thought about what things might be useful.

Cryptographic signing of the messages can be useful in some
business environments, though I'd prefer encryption+signing for many of them.
If you always sign outgoing mail, and somebody asserts that
an unsigned message is from your company, you've got some ability to
argue that it's forged.  More importantly, if someone knows you
always sign your mail, and they receive unsigned mail claiming to be from you,
you and they can be suspicious.

One of the fun things about just doing signatures is that you can
distribute the software for free if you want, without US export laws.

A big problem with this, though, is making very sure that the software
doesn't sign things it's not supposed to sign.  This is hard, because
it depends on the user's configuration of their mailserver and firewalls, 
which is mostly out of your control - having software with your name on it
that gets abused this way would be Really Bad.

                                Thanks! 
                                        Bill
Bill Stewart, [EMAIL PROTECTED]
PGP Fingerprint D454 E202 CBC8 40BF  3C85 B884 0ABE 4639

Reply via email to