[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 314
  • Last Modified:

Confidentiality concerns about using an antispam hosted service

I am trying to convince management to subscribe to a well known antispam hosted service, instead of doing it inhouse on our servers, and would need advice/arguments on this issue.

They are concerned about the confidentiality of the documents being sent/received with their clients by email. Their argument is that they do not want somebody or a service to have possible access to the emails/documents when they are sent between the client email server and ours.

The arguments I was planning to give them, which I would like to verify with you here,  would be the following:
1) Internet email is presently unsecured email, unless you apply some sort of encryption to its contents.
2) The path taken by an email sent from a client email server to ours is not "direct". It will have to go through a certain number of hops (routers and servers) in order to reach us.  (ex: tracert gives 14 hops to go from our server to a @yahoo.com email server).
3) The antispam service we would be subscribing to is simply one additionnal hop in the series of hops followed by the message.
4) Traffic "sniffing", in theory, could be done in any of the locations which manage one of the routers/networks involved in the hop along the route, by someone with wrong intentions and proper access to the equipement/network environement.
5) If previous argument (4) is true, and confidentiality is really important on some documents, then encryption should be applied to these.

Are these arguments valid ?

Thanks for your help and comments.
0
ndidomenico
Asked:
ndidomenico
  • 4
  • 3
  • 2
2 Solutions
 
jar3817Commented:
All of those sound good. The two points I would drive home are:

1. Once it leaves your email server, it is NOT secure or guaranteed to get to the indented recipient.
2. If confidentiality is a concern, those documents must be encrypted so that the intended recipient has the keys to decrypt them.
0
 
ccsistaffCommented:
I agree with jar3817.  The only added risk not addressed is the third party having unwanted access to your mail, only in most cases, if the 3rd party spam service is professionally administered, the messages are not inspected beyond viral/spyware/spam checks before being sent off to their final destination.  The service does not store the mail typically, and if they do it is usually encrypted with a key that the provider doesn't know and will never ask for.  

MX Logic does a terric service like this and can address your concerns in great detail.  

http://www.mxlogic.com
0
 
ndidomenicoAuthor Commented:

What do you think about #4 traffic sniffing along the route. Has there been cases where this was actually done, found and reported ?
0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 
jar3817Commented:
It's possible, but I wouldn't worry about it too much. If someone is sniffing traffic, they'll probably be after things like passwords rather than email attachments.
0
 
ccsistaffCommented:
Often, ISPs are monitoring their networks and will shutdown people trying to do that level of sniffing.  I know Comcast has a pretty tight hold over their network; they've shut me down for doing routine security checks before.  
0
 
ndidomenicoAuthor Commented:
Will an email sent from server A to server B follow approximately the same route as when doing a "tracert serverB_ip" command from server A ?
0
 
ccsistaffCommented:
No.  Routers will use the most convenient route at the time the packet(s) are routed.  If the load across one route is too high at any given time, an alternative route will be chosen.
0
 
ndidomenicoAuthor Commented:
So email packets are routed no differently to the destination mail server than any other type of Internet traffic ?
0
 
ccsistaffCommented:
That's right.  If a route goes down or is too busy, the router will choose an alternative route.  Packets will be re-organized when they arrive at their destination.  
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 4
  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now