Selection of Methods to Provide End-to-End Email Traffic Security

Arthur S.  Petrosyan; Gurgen S.  Petrosyan

Authors

Arthur S. Petrosyan Institute for Informatics and Automation Problems of NAS RA
Gurgen S. Petrosyan Institute for Informatics and Automation Problems of NAS RA

Keywords:

Email, Security, SMTP, MTA, Strict Transport Security, STS, TLS, Mail User Agent, MUA, Mail Transfer Agent

Abstract

he goal of the research described in this paper is to select methods of securing Email traffic. While it is known that Email service is not secure by default, both end users and service providers can implement available securing mechanisms to ensure end-to-end Email traffic security as much as possible. Latest developments and research in this area, like SMTP MTA Strict Transport Security (STS) and SMTP TLS Reporting are presented. This paper includes a best practice configuration of protection methods for both Mail User Agent (MUA) and Mail Transfer Agent (MTA). Recommendations given are oriented for the Members of Academic Scientific Research Computer Network of Armenia (ASNET-AM) in regard to secure use of ASNET-AM Email Service.

References

RFC4949 - Man-in-the-Middle (MitM) attack. https://tools.ietf.org/html/rfc4949

RFC7435 - Opportunistic Security: Some Protection Most of the Time. [Online]. Available: https://tools.ietf.org/html/rfc7435

A. Petrosyan, E. Prokhorenko and M. Khachatryan, “Securing E-mail Service in ASNETAM Network”, Proceedings of the Conference CSIT’2015, Yerevan, pp. 249-250, 2015.

SMTP MTA Strict Transport Security. Internet-Draft, [Online]. Available: https://tools.ietf.org/html/draft-ietf-uta-mta-sts-01

Enabling TLS in the Postfix SMTP server,. [Online]. Available: http://www.postfix.org/TLS_README.html#server_cert_key

Selection of Methods to Provide End-to-End Email Traffic Security

Authors

Keywords:

Abstract

References

Downloads

Published

How to Cite

Issue

Section

License

Most read articles by the same author(s)

Make a Submission