dtabrown2

asked on

Can I receive secure SMTP traffic?

I've been asked by a manager if we can accept secure emails from outside domains. In other words, I work for company A (companyA.com), which runs an Exchange 2003 server with an ISA firewall for webmail and a spam appliance for SMTP traffic. Company B wants to send one of my users a secure email; how do I set that up?

I have a public cert for CompanyA.com and I've read about how to secure internal email traffic using a cert, but does that apply to external as well?

Does it depend on the type of application Company B is using to secure its mail?

Does my spam appliance need to accept the secure email? Is this not an Exchange issue at all?

As you can tell I'm grasping at straws here and any help would be appreciated.
Dave Howe

OK, this depends on what you mean by "secure email".

You already appear to have read about how to set up SMTPS - SSL (actually, TLS) encrypted email transmission, which is similar to how HTTPS works (and just as HTTPS carries HTTP inside the encrypted "channel", SMTPS carries SMTP traffic).

The issue there is that SMTPS (aka SMTP/TLS) is a per-connection security option, and is not only per-link, but has to be chosen by both sides (the sender must choose to use TLS when it sees "STARTTLS" as one of the replies to the "EHLO" command, and the recipient in turn must provide a valid X509 certificate). If you have a spam appliance, then the odds are good that that receives inbound mail as it arrives in your network, so that must be the one that provides the X509 certificate to the "outside world". Similarly, Company B must send to your site directly (not via an SMTP smarthost at their ISP) or they can't ensure that the link from ISP to you is encrypted, or even that their ISP allows the link from Company B to the ISP to be protected. Further, they must configure their server to *insist* that TLS be used - otherwise, an attacker could just substitute their own mailserver between you, and not offer TLS at all (which would cause most mailservers to fall back to unencrypted mail).

For these reasons, apart from deliberately created links (smtp bridgeheads) between predefined sites, TLS is rarely used in the real world.

Slightly more common (but still pretty rare) are per-email encryption schemes. This is noticeably harder to set up (because the recipient must first transfer an encryption key, per recipient, to the sender) but still not massively hard - there are two schemes in common use (actually, there are better than thirty, but between them, OpenPGP and S/MIME are more than 90% of all encrypted traffic out there; everything else is a bit player).

If you have a Company B interested, you might want to discuss with them how they would like to approach this. You can fit a TLS certificate to your spam device and have them enforce that all mail to yourselves is encrypted (this is a setting for most mailservers), or you can discuss exchanging keys so that the mail client can handle the encryption.

There is a third option, in that Cisco/IronPort supply a device which can encrypt mails to a key, then supply that key at need from a Cisco server (called a "key oracle" in the literature) once the recipient logs in with a username and password. That has to be set up by the sender, though (although there is a "secure reply" option for recipients).
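The negotiation described in the answer above, as an added example (not code from the thread or from any product mentioned in it): a small Python simulation of the SMTP-side STARTTLS exchange between Company B's sending server and Company A's inbound host, run once against a genuine host, once against an in-path attacker that deletes "250-STARTTLS" from the EHLO reply, and once against an attacker that does offer TLS but with its own certificate. The hostnames, the certificate names and the three policy names ("may", "encrypt", "verify", borrowed from the Postfix smtp_tls_security_level vocabulary) are assumptions; the point it shows is that opportunistic TLS silently falls back to cleartext, requiring TLS alone still lets an impostor terminate the session, and only requiring TLS plus checking the certificate name refuses both attackers.

```python
# Simulated STARTTLS negotiation (the shape of RFC 3207) between a sending
# MTA and an inbound host. Constructed example for this thread; hostnames,
# certificate names and policy names are assumptions, not data from the page.
from dataclasses import dataclass

SENDER_HELO = "mail.companyb.example"   # assumed hostname of Company B's MTA
EXPECTED_NAME = "mx.companya.example"   # name Company B expects in the cert


@dataclass
class InboundHost:
    """Whatever answers port 25 for Company A (the spam appliance here)."""
    hostname: str
    offers_starttls: bool
    cert_name: str  # subject name in the X.509 certificate it would present

    def ehlo(self, helo_name: str) -> list[str]:
        lines = [f"250-{self.hostname} Hello {helo_name}", "250-SIZE 10240000"]
        if self.offers_starttls:
            lines.append("250-STARTTLS")
        lines.append("250 OK")
        return lines

    def starttls(self) -> str:
        return "220 Ready to start TLS" if self.offers_starttls else "454 TLS not available"

    def handshake(self) -> str:
        # Stands in for the TLS handshake: the only property modelled is
        # which name the presented certificate carries.
        return self.cert_name


def deliver(server: InboundHost, policy: str) -> tuple[str, list[str]]:
    """Sending-side logic. policy: 'may' (opportunistic), 'encrypt' (TLS
    required, certificate not checked), 'verify' (TLS required and the
    certificate name must match). Returns (outcome, transcript)."""
    t = [f"C: EHLO {SENDER_HELO}"]
    reply = server.ehlo(SENDER_HELO)
    t += [f"S: {line}" for line in reply]

    if "250-STARTTLS" in reply:
        t.append("C: STARTTLS")
        resp = server.starttls()
        t.append(f"S: {resp}")
        if resp.startswith("220"):
            name = server.handshake()
            t.append(f"   [TLS handshake; peer certificate is for {name}]")
            if name == EXPECTED_NAME:
                t.append("C: MAIL FROM:<alice@companyb.example>   (inside TLS)")
                return "tls", t
            if policy == "verify":
                t.append("C: QUIT   (certificate name mismatch, refusing to send)")
                return "refused", t
            t.append("C: MAIL FROM:<alice@companyb.example>   (TLS to unverified peer)")
            return "tls-unverified", t

    # No usable TLS: either it was never offered or the STARTTLS command failed.
    if policy in ("encrypt", "verify"):
        t.append("C: QUIT   (TLS required but not available, mail stays queued)")
        return "refused", t
    t.append("C: MAIL FROM:<alice@companyb.example>   (cleartext fallback)")
    return "cleartext", t


def run_scenarios() -> dict[str, str]:
    genuine = InboundHost("mx.companya.example", True, EXPECTED_NAME)
    # Attacker relaying to Company A but deleting STARTTLS from the EHLO reply.
    stripper = InboundHost("mx.companya.example", False, "")
    # Attacker that does offer TLS, using the only certificate it can hold.
    impostor = InboundHost("mx.companya.example", True, "mx.attacker.example")
    cases = {
        "genuine/may": (genuine, "may"),
        "genuine/verify": (genuine, "verify"),
        "stripper/may": (stripper, "may"),
        "stripper/encrypt": (stripper, "encrypt"),
        "impostor/encrypt": (impostor, "encrypt"),
        "impostor/verify": (impostor, "verify"),
    }
    return {label: deliver(host, pol)[0] for label, (host, pol) in cases.items()}


if __name__ == "__main__":
    for label, outcome in run_scenarios().items():
        print(f"{label:18} -> {outcome}")
    print()
    print("\n".join(deliver(InboundHost("mx.companya.example", False, ""), "may")[1]))
```

Running it prints the six outcomes and then the transcript of the stripped session, where the sender never sees "250-STARTTLS" and goes straight to MAIL FROM in the clear. On a real sending MTA the "verify" behaviour corresponds to a per-destination policy (for Postfix, an entry for the recipient domain in smtp_tls_policy_maps rather than the global smtp_tls_security_level), and on the receiving side you can confirm what the appliance actually presents with `openssl s_client -starttls smtp -connect <mx-host>:25` and check that the certificate chain and name are the ones Company B will be configured to expect.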
dtabrown2

ASKER

Wow, Dave, that was the best answer I've ever gotten on this site.

Is there another, more common way to transfer encrypted information? We have a secure FTP site; would that be a better solution?
ASKER CERTIFIED SOLUTION
Dave Howe

This solution is only available to members.
Thank you for the very detailed responses.