Internet Research Group Proposes Better Email Standard

Mar 22, 2016

Improvements to SMTP will provide better guarantee of confidentiality

A group of researchers at some of the leading Internet companies have released the draft of a new mechanism for mail service providers to declare their ability to receive TLS-based secure email connections. The new feature fixes a flaw in the SMTP STS extension, which was supposed to be an update for mail security but failed to guarantee confidentiality or proof of server authenticity.

The new document proposes a means for the receiving server to declare its TLS support in advance, thus eliminating the negotiation phase, which makes the protocol vulnerable to various attack techniques. See the article in the Register for additional information.

Related content

  • NEWS

    Updates on technologies, trends, and tools

  • Groklaw Closes

    Award-winning FOSS legal site shuts down on fears of government surveillance.

  • News

    Updates on Technologies, Trends, and Tools

  • Welcome

    Once upon a time, everybody linked to everybody on the web, and that was OK, because every business that depended on the web for revenue could go and sell advertising.

  • Blocking Spam Intro

    Spammers charge real money for their dubious services, and hundreds of advertisers are willing to pay. We’ll show you some innovative techniques for controlling and containing spam, including strategies for slowing down spam bots, keeping spammers from getting your address, and separating spam from legitimate email.

comments powered by Disqus
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters

Support Our Work

Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.

Learn More