One of the most common uses of network systems is for e-mail-based communications. As such, a great deal of attention has been given to securing e-mail systems. However, most of this focus has been in two areas: security at the message . . .
One of the most common uses of network systems is for e-mail-based communications. As such, a great deal of attention has been given to securing e-mail systems. However, most of this focus has been in two areas: security at the message level, using PGP or S/MIME, and confidentiality in the authentication process for mail retrieval, i.e., using APOP or SSL-based IMAP. This still leaves mail server-to-server traversal vulnerable to several attacks.

The introduction of basic cryptography into a mail server-to-server session alleviates most of these risks. Mail transport agents (MTA) and software such as Sendmail or Postfix can be augmented to handle their communications over transaction layer security (TLS) channels. This provides for a number of services, including confidentiality, integrity protection and strong authentication.

This article will introduce the features and use of SMTP over TLS as defined in RFC 2487, as well as illustrate their setup in the Sendmail package. We will cover cryptography basics, though not delve into the mathematics of cryptosystems and simple mail transfer protocol (SMTP) and extended simple mail transfer protocol (ESMTP) basics.

The link for this article located at LinuxJournal is no longer available.