Tag: email

As we have shown during the last few weeks, there are certain confidentiality, integrity and authenticity problems with email communication. We have already shown, that there is some decent cryptography available today that can improve the security of email communication. The only unsolved problem left is how to secure your cryptographic keys when you cannot trust your own computer. Good thing is, you can secure your digital identity even in case your personal computer gets compromised. Read on to learn what we have designed.

Last week we have discussed something rather boring - casual email communication and the security implications (or more like the lack of security) of using it. We have just re-phrased the well-known fact that casual email communication is far from secure with respect to confidentiality, integrity and authenticity. Today we are about to present a widely used class of solutions that make Eve's life harder, but I am afraid that today is not the day I can present you with ultimate solution to email communication security. But as you probably know, security is a gradual process rather than a product - a silver bullet - that solves all your problems. Read on for our gradual approach.

After ranting about elliptic curves for more than three months, it is probably the time to pause for awhile and think where the encryption based on elliptic curves of some kind might be really needed. Although many people might disagree, for some of us, liberating the communication between people is the most important thing the Internet brought. And although the generic data communication by transferring data packets over the network do not provide much convenience to an ordinary human being, if we look at some real human-to-human communication on the Internet, the email fits in really well. It has its quirks - but what does not?

After venturing into the basic architecture of a robust email solution last week, we will look into the remaining missing bits today. Then we should look for some answers about how to secure the email communication end-to-end. In this article we find anti-spam and anti-virus solution integrated into our infrastructure, configure server-side filters, add DKIM[1] signing and verification and give our users nice webmail interface to use.

As we have shown two weeks ago, email can be a very convenient tool for decent communication and in the future we will show that it can also be very secure tool if you need to send confidential information and verify its source using digital signature. But before we venture into that quadrant of space-time, we need to have a solid infrastructure in place. We start building such infrastructure with creating email server that can host virtual domains with multiple mailboxes and aliases. We will also ensure the mailboxes are accessible using common protocols and it is possible to easily administer the whole solution.