
Slide 1. Figure 9-6: E-Mail Security

E-Mail Technology
  - E-Mail Clients and Mail Servers (Figure 9-7)
      - Mail server software: Sendmail on UNIX, Microsoft Exchange, and Lotus/IBM Notes dominate on Windows servers
      - Microsoft Outlook Express is safer than full-featured Outlook because Outlook Express generally does not execute content

Slide 2. Figure 9-7: E-Mail Standards

  [Diagram] Sending E-Mail Client --(SMTP to Send)--> Sender’s Mail Server --(SMTP to Send)--> Receiver’s Mail Server --(POP or IMAP to Download)--> Receiving E-Mail Client
  Message: RFC 822 or 2822 body; HTML body

Slide 3. Figure 9-6: E-Mail Security

E-Mail Technology
  - SMTP to send messages from client to mail server or from mail server to mail server
  - To download messages to client e-mail program from receiver’s mail server
      - POP: Simple and popular; manage mail on client PC
      - IMAP: Can manage messages on mail server

Slide 4. Figure 9-6: E-Mail Security

E-Mail Technology
  - E-mail bodies
      - RFC 822 / RFC 2822: Plain English text
      - HTML bodies: Graphics, fonts, etc.
      - HTML bodies might contain scripts, which might execute automatically when user opens the message
  - Web-based e-mail needs only a browser on the client PC

Slide 5. Figure 9-8: Web-Based E-Mail

  [Diagram] Client PC (Client’s Browser) --(HTTP Request Message)--> Webserver with Web-Based E-Mail (Webserver Program)
            Webserver with Web-Based E-Mail --(HTTP Response Message: Webpage Containing Message)--> Client PC
  Almost all client PCs now have browsers. No need to install new software.

Slide 6. Figure 9-6: E-Mail Security

E-Mail Content Filtering
  - Antivirus filtering and filtering for other executable code
      - Especially dangerous because of scripts in HTML bodies
  - Spam: Unsolicited commercial e-mail
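
An added example, not part of the original slides: a minimal content filter for the risk named on slides 4 and 6, which walks the MIME parts of a message and reports script elements, event-handler attributes and javascript: URLs found in HTML bodies. The sample message and the names ActiveContentFinder and scan_message are constructed for illustration.

```python
import email
from email import policy
from html.parser import HTMLParser

# Constructed sample message: plain-text body plus an HTML body with active content.
SAMPLE = """\
From: sender@example.com
Subject: Quarterly numbers
Content-Type: multipart/alternative; boundary="b1"

--b1
Content-Type: text/plain

See the HTML version.
--b1
Content-Type: text/html

<html><body onload="init()"><p>Hello</p>
<script>var x = 1;</script>
<a href="javascript:void(0)">open</a></body></html>
--b1--
"""

class ActiveContentFinder(HTMLParser):
    """Collects markup that can run code when the message is opened."""
    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag in ("script", "iframe", "object", "embed"):
            self.findings.append(f"<{tag}> element")
        for name, value in attrs:
            if name.startswith("on"):  # onload, onclick, onerror, ...
                self.findings.append(f"{name} handler on <{tag}>")
            elif name in ("href", "src") and (value or "").strip().lower().startswith("javascript:"):
                self.findings.append(f"javascript: URL in {name} of <{tag}>")

def scan_message(raw):
    """Return active-content findings for one RFC 2822 message given as text."""
    msg = email.message_from_string(raw, policy=policy.default)
    findings = []
    for part in msg.walk():  # visits the container and every MIME part
        if part.get_content_type() == "text/html":
            finder = ActiveContentFinder()
            finder.feed(part.get_content())
            finder.close()
            findings.extend(finder.findings)
    return findings
```

A mail gateway would quarantine or strip the HTML part when scan_message returns any finding; a plain RFC 822 text body produces none.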

Slide 7. Figure 9-6: E-Mail Security

E-Mail Content Filtering
  - Volume is growing rapidly: Slowing and annoying users (porno and fraud)
  - Filtering for spam also rejects some legitimate messages
  - Sometimes employees attack spammers back; only hurts spoofed sender and the company could be sued

Slide 8. Figure 9-6: E-Mail Security

Inappropriate Content
  - Companies often filter for sexually or racially harassing messages
  - Could be sued for not doing so

Slide 9. Figure 9-6: E-Mail Security

E-Mail Retention
  - On hard disk and tape for some period of time
  - Benefit: Can find information
  - Drawback: Can be discovered in legal contests; could be embarrassing
  - Must retain some messages for legal purposes

Slide 10. Figure 9-6: E-Mail Security

E-Mail Retention
  - Shredding on receiver’s computer to take messages back
      - Send key to decrypt
      - Make key useless after retention period so cannot retrieve anymore
      - Might be able to copy or print before retention limit date
      - Not good for contracts because receiver must be able to keep a copy

Slide 11. Figure 9-6: E-Mail Security

E-Mail Retention
  - Message authentication to prevent spoofed sender addresses
  - Employee training
      - E-mail is not private; company has right to read
      - Your messages may be forwarded without permission
      - Never put anything in a message they would not want to see in court, printed in the newspapers, or read by their boss
      - Never forward messages without permission

Slide 12. Figure 9-6: E-Mail Security

E-Mail Encryption
  - Not widely used because of lack of clear standards
  - PGP and S/MIME for end-to-end encryption
      - How to get public keys of true parties?
          - PGP uses trust among circles of friends: If A trusts B, and B trusts C, A may trust C’s list of public keys
          - Dangerous: Misplaced trust can spread bogus key/name pairs widely

Slide 13. Figure 9-9: Cryptographic Protection for E-Mail

  [Diagram] Sending E-Mail Client --(SMTP, POP, etc. over TLS)--> Mail Server --(SMTP, POP, etc. over TLS)--> Receiving E-Mail Client
  End to end, between the two clients: S/MIME with PKI or PGP with Circles of Trust

Slide 14. Figure 9-6: E-Mail Security

E-Mail Encryption
  - Not widely used because of lack of clear standards
  - PGP and S/MIME for end-to-end encryption
      - How to get public keys of true parties?
          - S/MIME requires expensive and cumbersome PKI

Slide 15. Figure 9-6: E-Mail Security

E-Mail Encryption
  - PGP and S/MIME for end-to-end encryption
      - Ease of use
          - S/MIME usually built in if available at all
          - PGP usually a cumbersome add-on to e-mail
  - TLS
      - Between client and server

