SMTP "security" (was Re: Comcast and SORBS)

[Bob George]

John Chambers wrote:

>  [...] Case in point: For much of the past three years, I've done
>  some consulting work for a big comm company (which one isn't
>  relevant here), and I did much of the work at home. The team was
>  scattered around the world, so at the start there was some
>  discussion of which email addresses we should use.

If your communications are *at all* sensitive, why oh why aren't you 
using something like PGP or VPN to protect them the entire way, rather 
than just to the next hop? To think you've gained anything by such 
partial protection seems a bit dangerous, don't you think?

>  [...] This isn't a trivial concern. We've already seen such things
>  as: The "child protection" filters routinely block not only porn,
>  but also web sites of the filterers' competitors.

Are you referring to an ISP, or an enterprise? Different rules apply for 
each.

>  [...] And last year, msn.com was caught extracting things (mostly
>  images) from their customers' email and using them in ads.

Hadn't heard about that one. Do you have a URL with details?

>  [...] In any case, the concern is obvious: If an ISP can intercept
>  messages to/from tech workers like me, they have a very good tool to
>  find out what their competitors are planning.

Again, if you're doing work via email that's even remotely sensitive, 
why aren't you using any of the readily available tools to protect those 
messages in transit? Isn't the whole argument that having to go through 
your provider's mail server consitutes a compromise of security is 
off-base? Yes it is, but then so is every successive hop the message 
takes. Unless you're certain every member of your teams runs their own 
SMTP server (and is the MX for their domain), your entrusting the 
security of your project to any number of "other" servers anyhow. And 
even if each team member DOES operate their own SMTP server, set up as 
MX for their domain, anybody who's played with the dsniff suite, or even 
rudimentary network tools such as tcpstreams has seen the simplicity of 
capturing tcp streams on the network. If I'm truly up to no good, and 
operate a network that competitors might use, setting up a capture for 
SMTP traffic en-route is no big deal. The fundamental problem is that 
SMTP is insecure.

>  This gives them advanced warning so they can take steps to block
>  their competitors' intrusion into their market. This is a great idea
>  if you think that communications should be under the control of a
>  private monopoly.

If you're not encrypting, you're fooling yourself to think you're 
protected in any way, or from any party!

>  If you want to be able to communicate as you wish, or if you like to
>  have alternative ISPs, you might give the subject a bit more
>  thought.

If you want to communicate *securely* with others, I'd suggest the same.

>  [...] I've recently received spam messages that were
>  invitations to conferences dealing with just this topic. The hot
>  new idea is using IM as a source of commercially-useful information.
>  This is easy, because IM almost always goes through a
>  corporate server. The technical challenge is that IM contains less
>  information than email.

Again, why oh why are you using IM to communicate sensitive information 
when secure (or at least "more secure") alternatives are readily available.

- Bob